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(57) [gift] 

[ggH] <ou l s i #j±.vmm-e* < 

<0#91S$tl4. 16. 2 6^tf5fc#^ti/c^ay^ 

L&-o&{sTZ>tc#><D 2 -rxoA > $ v * - x :Tn -fe V 
13. 1 5£#fr. t^-^jl^^ V\Z&m<D5-+*)V7 



22. «i>i?> 

F5i pagrg-g' 



2J- 



20 



fx}. L 



JJ 
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JJ 



Erie I 1**^ 



Of 7c-l 



15 



^37 



m>m i ] ^a-fe *v^mmwemtsx7* ( 1 
o) r*^, 

D-fetrtf- (PCP) (17), ^U^tDf-^a- 
(CO (11). 

* c <t <t-r £ ^ci a arfigpg-^-jaa^ 

^fA(10), 10 

^A^ffriePCP{c4tf^^«yix>^>«:^^>n^ k 20 

a^^iepc p^sin-r ^/ti5<D^®, 

lata i ^<o^+ ^ju^p ^ A^iattr ztcxxom i <o 

mfsaatg^^-r^fed&fCBjffa i -oo^—zzl^ * f<d 

«ff23 v> F7 < -/I/ F£g»HK£/c#><E>3^ -^br 

isp c p ia»R^ n - FmftZim-rztc&cDm i <o 

LXfUMx. >i»<Dmzzm2 com * y k: y >p - f * 

A. 

ab©?*-*;^-* Fftiffi^x^Arabor, mfc^?# 

•fr^j^n^A^aaaL, ^m^^Yu^vtm so 
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ffSWJTT if^^ztx,, F<D^P~FSg#tc#tl/r^ 
h4>&*lcJ:-3?tt£3ti -Stale** 
^teST^/ca6©^a^AnltfeBg^^a^^^ (PC 

p> (i7>. *LTm&^<y#&&*m&m*)fr-om 

*Jb7a y^A&ffilBPC PfC*5W^«fflj:>i»{c^ 
^>P-K£tf*l©^spgg(cO (ll)r*o 

KccttH?gg^-/D- FSB^wssrs^-r 
^ acc j: zxmz&m? h tcabmmmx. > ^>od^ * 

A. 

Atcij^r^- * F ^*as*r^^£fe ( 2 o o ) r 

(2 08) F<D^l<3Q«>©tCfe^^fg 

^a^A^a«(|-r^®i5g. 

(208) tasam 1 <D^— y F *M®-r^/cdi>(c 
(2 10) m/fa^J^n^Si>^>^^^T'2>^^: 

y kifafai^ i % zl^- y h£zg< 

(2 16) ^a^ij$n^to^x>^>^cgrrfs^ij^n 

/c^^*^^p^A^rP-Fr^©Pg, -^Lr 

(220) ^a^ij^nfc^^^^^P^^A^fiEfflL 

©pg(iSaSa«9 $ titc * + % & 7 p if =y a (c J; o r MIE 

mi(D7=-zzL-y h^mm-r^ms^^, m^mm 
^ei->XT*Afc*jc»r'7 ; -^a.xy F^®sr^ffi 

(200). 

^^r& (200) r*ot, 

(2 02) jT7-#-^F, nv>F[D7^ 

F*J J: ^ >fp- FS5»dtrfll 1 <0r=- 5zLZ-y 

(2 08) t?iam 1 0)^ y*fV a -JV F(cS^#fjam 
1 <Dt-Z^~ y F fc^LTftiE^tSteo 1 o£HfT 

(210) BJiasrKDf^-^j-x^ h^ie^^n/c 

1 o^Sax y F £3£ < ©|ig % 



3 

ttLmz^^m<Dmviztxtcir>$:mzT?z> (22 
* lt < s^imridm 1 o x - * ? 

^ffitg£I^^K||frt*;&££ (200). 
[»9!OKtBQcBHI!] 
[0 00 1 ] 

[*^©JPiT*JKJg#I?] C<O^W«-HKWCC««3c»g 
[0002] 

^C^S^ffl^-^-y h<D^K#0T6^fe (sec 
u r i t y) <D>jm&&mMLX: mmtsA^Aifi 

^^SS (die probing) is&VHffiK. 

[ 0 0 0 3 ] 77 h 9*TfcJ:^T»HSh**fctt«| 
Z>2X*3£& (task swapping) GtJ:£t£ 

5 ffo&mmzmmjfj: 70d^ 5 jrv ^ * 

[0004] 
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£/c«:i«e£ft*>-rS (vulnerability) 
P ^7A (crypto programs) 

10 htiar*5t^^fAWiWFffir*s. £ 

r£*^#5^^Afci&g-C&£ 0 $6(C£SftC£ 
it. t^Wr^yXAlcMJ: (keyand 
algorithm agile) ^Iv^fAfe 

(context) W^pm (mM. 7A<=f 

<b # * -saw*- $ zmmT* ^vxAf^t: * 

[0 00 6] 

-•7 h«c»f^n>7"^^ h*jJ:CX^P^5A (M* 

fr^if^x^Aoffsr^&^ttfci ^js^- 5? 

^Sit^l^«yXfAijJ;c;M^ffift1-^ 0 *: 

ra. +-^ax-^<D«$t4^^>x^A(Drar3?» 

y7A«r;;^xx>^7V>^6ffS?ni, 
[0007] 

50 ft^coffiH^MT^Citc^D^-Sct^r*^ H 



C 0 0 0 8 ] m 1 *£M8<D#£ (A»3aHBtt(cfffe 

^^a^^Aoj|8ftBg-^ayg^XT*A (crypto 
processing system) 05/\— F^x7 

Bf^>^> (Key 

management cry 
Pto engine : KMCE) 1 Zis&U^W? 
A aJt&mzfX2 -fe-r-y (p r o g r a mm a b 1 e c 
ryptographic processor : PC 
P) 17*WT£. PCP17li2o©telx>i/> k 
^ay^AnIfig^^i>^> ( p r o g r a mm a b 1 
e cryptographic engine :PC 
E) 1 4*j J;CJCMflI«#x>*;> ( c p n f i g u 
rable cryptographic engin 

e : cce) i e^mmr^ mmm*>i?>&* + 

3> (cryptographic cont 

roller: CO 1 1 SCC 1 Ui^gx 

>Z>><Dtt&<D7ciif5A^m*ft 5„ >X^A10tt 

ir^^-^^nir^i^ ( p 1 a n e text int 
erface processor : PTIP) 13fc 
Jr^H^fc^^^-xyn-fe vir (cipher 
text interface processor: 
CTIP) 15*^fr e M%M>£y*-x7xHz v *t 
tt$/c?fgB^X Al o ortg^aM VX ^ A<7) 

ra^iStttfefi^^ u*2^>wt ^ ^ r ^sews. is* 

t^A 1 Ott£fcKMCE 1 2WOTCP 1 7<D&3(DS£ 
18*St?o WAlOi^fcFI LL*U:tfCIK 
2 >^t-A 1 0(OKSI«^>^^7 r a:a^U 

[0009] KMC E 1 2Bft3>* y 2 5 
ft9S'<X2 3{cj;oTCCl 1 tc*S^?nrc^ B ffcoo 
fi3^23»PTIP13, CTIP15. PCP1 
7*sjL&#ttjt*V 1 8£CC 1 ItCi^^^o 

[0 0 10]Jr$CUHte^gg*c(^ KMCEUttJ 
/c^*^;I/^-/7<Dl8/J^^-r hn>tV-* (FS 
-RISC) 2 6*Stf. KMCE12tJB$L<[^ 
* F£/ctt*i? A oN»ffifflg (mod N s o I u 
tion extractor :NSE) 22 (DJ^fc 

m2<D*mfm*^it$. fs-ri sc2 6t»?£L< 

tt2ffi<D (dual) 3 2^v hR I SCnT*>e>& 
0 % C *itttt*i&* life* *i/c ( e m b e d 

e d) S$t<U-fv>^fA (secure 
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operating system: SOS) £H?t *i~ 

a i 0^8^^n^^A^^e»;3^6*ffr^S J:^(c 
TZttJtotetfjt >^-<^h> (segmentatio 
n) ^Of^^^gS^ffifitrs. -£<DJ:5fc*;^«: 
^fflS%fft)&ti*fcliaaB>^^^ (s en s i t 
i ve data) «K9&fettl>£;**fe£CFifrOU 

io u < tt^* y 2 5 «ca jEhifiSJ^n w A-rf 1 1; (r 
OM) frt>mf$txZ> 0 

[ooii] *9bh<d*f« is^mmm-cit, m&F s 

-R I scosoSKir^rrt^ROM^Mffcla*® 

VX^rA 1 0O-fe;U7r^ H*J:e*g«gta, 

AO- Pfe J:a<l3B$H7;U?- l>s<JUm&2x 

tr. ^o^ap- PiiSS^J;^«5^P^^A<D 

XA^/ctt^D^AODPCP 1 7^<Dn- P*^St*. 
20 [0012] FS-RI SC2 6K£ft:y*y 2 5<Df*3 

ffl^n^Ay^y (RAM) ^6or^y-5r->3> 

ARAMjCp6FS-R I SC2 6 tt<£ oTttfl=T£ftM 
Wttr^V ^r-: >V7 h^xTttC I Kfe<fc&St& 

h33Kftm (fill-port proces 
sing) ©J: 9ft«ffi«dtr a ccD^i+-or>n- k 

WW. W*.tt. /^y 3F^*-^a^A«cj:*-fe-!r»/ 

tfo T^y^-l/3>V7 h^xrti^/fcn- F (1 o 
ading), <£SE (ver i fying) , ( c 
hanging) **J:tfdffHft£ (auditing) 
<D£ 5 Sr> X 7^ Agffiijjt: cf + - «a«|6*dtf CiAi 

[00 13] FS-RI SC2 6K£*4rV:7n^7A 
y y frh<DT y tr—is h > y ^ h^xr^sdfp^it 

*X h^X^A©RAM<bT£C<h#tT€f£. fl-35^n 

40 ^ARAM^6MffT5-e<0J:^Aj:r^y^-^3> 

S DS- 1 0 l*f<t^NSA8 7-2 

7) % *-fI^U->3>, =3^>F*HS* 

[0 0 14] PCP 1 7tt, iOfctt, y-irjxi^ h 
egyp^^AnjfigX-/\*-X^-^ (supersca 

i e r) *§nmmmx?&z>. h« t »^ 

so L<KftS*;* HCCcto. -f>»7*-x-7 r n-b7-y-l 



7 

3*1*. CC 1 lttg^cSn^rr^^^ h (cont 
ext), zrK4f5J*z*-V* «fi§ (state)W 

-f >**>^x^ h (P-K) "r-SCiCCcfc^f 5 -^^ 

CP174CO-K3 n^otes^tft>n5 <fc 

C E 1 2 <D J; 5 ftffiOf^f^ * Y > a >lcm£*zTZ> C 
[0015]CClllt £OtoW. 
16, N S E 2 2 &<fc t/F S-RISC26 <Ql?fTS&K 

oit^f-^a^tirs, cc i n*SK 
WK^Krr*^^-*, pcp i 7*c-f >x h-^-r^ 

r-^>^>^^A^ur«6f^r-s 0 cci n*cft*& 

36(C 4 CCI l»/<9^y^>F«0fai3|ffei2 
PXt— l?>i/ (background 
staging:) £ff 5. £^—2 

Z> (staged) 0 fjtfiS^v K fl^tt 

tt* PCP 1 7^<Dr-Z3.-y h<DK2l, y^y©^ 

[0016] #^C[>fcP£ Lt^HifeJ&ffi-Ctt. P C P 1 
7\t, <tDtoW. ^^^Bf^t*5<i:OTg#«^<DJ:^ 

^tTbn^iof- zfumzij $ . 2o<Digit«!six 

>^>, PCE14*Jj:c;CCE16^fT5. 

(codebook style) ^u^vA^frC^ 
-»CCE16{i3>;^t^O (combiner 
style) :/a^A£H?rr£ 0 PCE 1 4* J: 
tfCCE 1 6(£8&tCl^0*ott*£{±T3 2 f ^ h 

Of-^mti 2 0 0MI PJ:»)^:*ft«ailA« 

PCE 14 

fcJr^CCE 1 6 4 Xr-^q^7 Y >«Jft£-Ctitf 
1 0 0y*^^r»fW*J»ttjt3 2t^ h R I S C 

y-vm&ztxz. cn^coR i sc^a-b^if 

fc£. <t 0 *>W. Hi$F*J ( i n - b a n d ) fi^S. x 
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<fc 9 2tBM<DTctt>( l C bmmT Z C t 3&*r # 

[0 0 17] PCP 1 7tt£fc* + *;l/:/oy^A;feJ: 

*1rRAM9 (CP- RAM) «£tr. CCI Uir- 
*jz^* h£&^&imc^ + *;t/:/p^A£CP- 
RAM9^6®lx>i/>©y^r "J-^i >p — f-f 
5. CCI U^fcf-^^^ SifrKX P 

- R AM 9 fr^Mm* >Z/><Djt V ^4 ^ +*Jl^p 

10 [0018] KMC E 1 2Wt, £9 toW, i/XfAl 0 

Ttt, KMCE 1 2 tiKMC E 1 2rt<Z>ROM(afl#j£ 
^h/hg5t^U-T^>^XfA (SOS) 
tf. LC**SBBJSrti, FS-RISC28 
fg3 2 tr? HR I SC^P-fe^irr**. FS-RIS 
C2 6{CflH*T, KMCE 1 2tt»*U<tt/^tj 

fcimn^Pt ^tf (math coprocess 
o r ) &&tt 0 C(OmSmmV[t. KMCE 1 2 K&BR 
20 ^^^^^^--^^^jl/CDatoiA^ri/t (embe 
ded) 7^; ^r-> a>09EfT«?IttCC^«ft:«CC43 

[0019] ttosueBaa*ctt % yxrA i ot*«*<z> 

-$7D-^-r-tfi'^t (data flow 
through architectures) 4te 
(in^p-fe^lfT— (coprocesso 
r architecture) J&5g£Jfi"C* 3<fc 5tCT 

*-ftt¥XY>f7x-^#- h 3 3^6^X^>^ 

wai 0 5c«^ii^4ifc$/c«aiWi^n/c 

rta5«S^*-XA«fS«>^ (sensitive)^ 

*^M*Ztc&te£V±$rj;&itomm$ (de s i g 
40 n assurance) **ffiCc&&-r£. 

[0 0 2 0] ^f^A 1 O<7>»^Lir^H5S0SS-C« t P 
T I P 1 3*5j:tfCT IP15IJFI FO©ia^ig^<g 
h 3 3iJi;^3 7K:iJt>r8 fcT^r h, 16fcT^ 

< «aai3m*s j: ^^Ji^ja^ > * ? x -x*^t? „ 

PT I P 1 3*J^CT I P 1 5{irta5^PH2^tf, ^ 
50 WotfUhi. «Fibu*SSBjgr«, Y>^7 
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*-^^n-k^1MJ±2S (full duplex) 

[002 1 ] ^>^7x-^F3 lttKMCE 1 2 
X. flteKdt-^ (configuration sign 

H*3 3 fc^? HD;^— 2 4^*h<Z>TK 

Al 0©Jf$ L^Uffi^SS-Ctt, KMC E 1 2tiPT I 
P 1 3$/c»CT I P 1 5*MLXzi^>\:*sJ:Zfr- 

[0022] S/^fA 1 0 ii^/tn>f^^ F 
(context port) 3 6 frC^i^T^^ 
Xfy^'J/U38 (CNTX) £^t? a «fglA>Hfti 
J&@Ttf. x>mx M 3 8^gfSa>^^ 

x hy^euw:^-r^fcd6ccffim$4a5 3 3et» fod^ 
-^x^j^t KuxMtap^xa^^sn*. cc 
l i«pcp i 7<c*tt«r*^4:/&*x**i&5tv 

3 8 ttrtS^f* V tc&&L1$z i><DJ: 0 i>& < <om 

[0023] CCTiffl$ntl^n>f^^h (Co 
n text) IX, W&\*. $m<0***)\,zfutf^&\iC 

wa-r^tt n*s&fr-itxm (state) a itam 

ft$B (variable information). 

[ o o 2 4 ] »* oi>ia&ftBTtt. «»«<Die^«ys 

^X^AttE*«g|JBg@jEg (ULS I ) SaBc*st,» 

X(ci-5ta«BftBa 1350MI P(Dft»|gA«A5 
[ 0 0 2 5 ] K2 tt, 2£fBS<D#£ Ul>30UBB{cffifc 

1dK&9- + *J\,<D'*lr? bimmxisv K (threa 
d s ) <D&Jl£iirtgtcT*. ftUV7isATUtftt&& 

x f <b©rao#i^fflttmicc 1 1 fcisvzmmtm^ 

» (finite state mach ine) (c 
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[0 0 2 6]H2*#l«i 4 1 
H5raiK$/c«:*^A^-/> (time-line) 

:/a-fe i 3 ifctt 15 (01)01 -^C£(B£;**i 

^>^^a:-X^D-lr^^«CC 1 14c*fLSfL/C^ 
x-*^-* h4 1 ^«S<C)/fcd&{Cffi^S"C^rt^C 
<t£B$|g5 \iCWLT-*t^~v h©^7^CC 1 1 (c 
iSSCiCc^OSftir-S. f-$a- 7 F4 1©^^ 
io otS««:S^t, CC 1 1 tt-f :/p-fe* ij- 
(Cf*-*:!—* h*. KMCE12, PCEUJ/ctt 
CCE16©J;^^ Sftfc&ffit^^X^ACc&S&T 

*c<h£j£4*-r*. i?2l<k. 7=-^^-^ boy— sb 

[0027] 1r-£ji^t, F#PCP 1 7<C$rtf&x> 

ci ia«i«7£L3^omAr«. si^cc^o. cc 
i i «#? £ l, < wr^x^A i o Gcfct-t£i^tt$#yi;£fe*: 
20 ccr^yta&^-^zi-^ hK^€r^cocr^o a^ 

-r>4 2(C*5C^r, f-^^4 1ttCP-RAM 
9 (HI >-OJ:9&^%i;cclEi££ti. tcrittM 
3Sx>t?> (W£i2 % PCE14jytHCCE16) «c 

hQCO/i? £>^> KftSittS'XfSAl 0 
CCbfc£iB££ (latency) £&/Nc?2. £ £ 
CC. ^Dy^A^^^^>Kf?3l«PCE 1 4$tc 
KCCE1 6(D'fm&? = -23-~v F^MIUfcO^ 

30 -r^Ci^Bfttt^o Sto-c, ^fA©f-^x;^y 

[0 0 2 8] ^^A7^>44ttMx>5/>]d^^ 
h 4 5 ^iM Ur*5 0 ^ n/cf - 

i^ffl7i/-A5 2ttMW«:tti ^^-^^^ 
jur * »3 «cdihi tc^ -*s<t cf ^ AT&i w o g^. 

•fe^^J^HS KCfcC^rCCl KCjttbKLl^-jr 

40 -YA^^>44©ffltc, iassnyhx-^^Lx-, hwia 

Ztltcy^-ZJL^v bV$>*) x ^o^-fA7-{>4 6<D 
ISItcneP^X FfcgiSStl^. K^-^^^r/ F$r«kS 



XL 

[0 029] B2<DMy-fr 5^ A^J^n* J: ^ 
tt. ^-£3.^? Mi'**-? b (P 

cp 1 7) tcj:oTsm5n/tfg(ciaffix>^> (m 

fc£ PCE 1 4S/cttCCE 1 6) tC<£-oTj&S;*n 
f^^JL-? b\Zr-2^y b±#W%k 

"f-Z^-v hkttf£ L< ttg&cDD^-F (Dw 
ords) (3 2 tr? KD?— F> iJ*htsi*) x *:<D&*t 

«C (continual) ^-Xri£ff ;* ti<5 0 0 
M^TcTY L&~oBVj > £ ^ ^ - x :ratr ? if Cc*jt,>T 

[0030] mij-oz? ^-x^vL^vvizmmffiic 
mo-t^zv ~-x#~bt<cm&*z>j>Z7 

f 3 3^*51^^^^^^— £W\ 

^fi&%mzkitcmc. ct i p i sccsi^n^osg-^ 
[003 1 ] fttmmm&m-citz. ^-z^? 

rfn-kvD-iCji^xmmZtiZ. PCE14$fc«CC 

e i e^^^^fco^tcn-^i/t^^^nft:^-^ 

htefmmzL-v b CP-RAM9) 

*SFS-R I SC2 6r$> ^<D«g#-Ci* 
M*^tJ2 5K&t£3n£. -f>*:7 
*-*:/tH2rrlM 3*J<£tf 1 5 5?^^^ KDt^ 

Stdatauni t pars ing), fiifcKButtt 
^(prioritizing), 3£$|-jS9lis J:ff jS 

F (checkword) £fe£;teJ:aOt<* U SSfSttO 

[0032] tsl>%Na£jttCK % 

l 0(ci:^ri!iKh^f-^^ 7 KmrAi o 

i&&ttrt2 k -O^^^-x^n-fe^ifi 3*$<£tfi 5 
maTK&tjrr^APDU:?*--^* h-C^-^^teffi 
T*. ViPlstSLifih . APDU7*-7y KCC&l*;* I- 
'J — Ax— * (stream data) M>^7x 

^Ojffl©/cto«: A P D U7 =f v ? h^<b^&T& 
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[0033] H3tt *m<m±Lt,*mmmt#tc 
&m-rz<Dic&istcr-zjL~? bo?*--?? b*nk 

T. APDU7 btCtottZT-Z^-v b&m 

3*C^;**irt>&. APDU^t-v^cof-^ 
^ Hi— 24>D9- F*>6&2. S^C0D»7-F«W6 
o^sti**^* h**rrs. *ttJ<Z>D>7- Ftt* 

3 2 tr? bCDD?- F"C*4. *-**U^3r y©D«7— 
10 F6 6«C«(r*T3^>FD7- "F 6 7**0, Cft«l 
(DD«7-Ft7i2^ F&&-T5. 3V>KD9-K67 
CG&C>T2<t4 0 9 4<D(H<DD 1 7- F*7-fe* h£Wf 
-3t7 ^-;l/K6 8^-& B APDUCD 

P— F (app 1 icat i on pay 1 oa 
d) £#tf c 7-/-/UF6 a©**-*****©***^ 

7^ !J^— ^a>:/py^ Att&*©x— hCC 
MUXzj^t-ZX (context swap) 

20 6-C*£. W*tf, m&<D* + *frlCitUTis 

*xa i o^43^rffi»(7>^n^A*^TLrtr^<b 

Ci<o^O^-r^;Hi3l^iXUtF F (c ommun 
ication thread) CC^fT-S o ? ^Xf* v 
^%S«rfiaE-r&%:abK:J: (robust) :/ 

[0034] MOD FiXti&E&ft&lt&i** ? 9 
irA (check sum) D9-F69T*>) k cn 

hO^U— Af&SEt'— (frame check 
30 sequence:FCS) -C*£. tfeS^fl-$fc«: 
***^tfA (CS) D»7- F6 9tttt£<Z>ffi%tctfl, 

I1CC V KMCE 1 2&CC 1 1 ^«^L/JEf>o^x ^^-^ 

[003 5] lo<D»mFCS^ny7AttIS03 
3 0 9-1 964EttS<D32 tf ? KD/^-^a^r* 

40 *ss£-r*o 

^<DDV- F6 6dCtotrTZ>y a -fo Y<D*f A X$/c»A 

^•^D9- F6 6**3 fcT^r h©APDU5r^^ ^ 
-;l"F7K 1 9fcT^ fcd^ + ^^^v^^x^ v-JU 
F72, 1 2fcT^ K0PDUfi37^-;UF73. X^ 
Ttr^h74, 3fcT-7 h©MLS^^^-/-;l/F7 5, 
50 ffitKetr F7 64»J:^yf"Y h7 7 *Atf. M 



(8) 

13 

L S a F 7 5to<kUg&c&Vv b 7 6 liffig 

fc£W;St£ (significance) ^fi£T5. & 
£L<tt, APDU^>f^7-/-;l/K7nt WAtf. 
PT I P 1 I P 1 5*>6<D, fe^K^X 

r-A 1 0©<a<D(^a5v-X^6<DAPDU<DV-^^ 
ST*, APDU^Y^ y-;I/K7 lfcttf£b< 

[0037] APDU5r-f^7^ -*F7 KJ^fcAP 10 
D Utm&A P D U £ ^£§A PDUt^ 

5&r*o i£gAPDutc*fu-cw\ ^^^ju-t>7=^x 

ftb 0 (Cfij|tA P D Ucon^> F D «7- F(C*JC»r#* 
6>n53^7 h<Dg3fc:/o^A## (r e a u e s t 
program number :RPN) C 
CI HiAPDU^>f^7^jI/K7 i^fflUT, <b9 
*>tf* f + ^K>f^7-/^F72©^ (us 
e ) £ifc£-T*o 

[0 038] * + *JW 7 * — ;UF7 2 ttf*— 20 

EOT*. ^^^^T--^Mi^i-^^<D^t£^5£-r 
&o CC1 ltta>7^X Ffc£tf;/n^A**SWT^ 

^ju«wm-s. ***^#£fi££n£<t£, x>Fy 30 

f^(inacti ve)tC&S. -<>7^fw:/fc 
^ + *Jb©^-^JH3*GB (state) fccfcO^&^r 
-£fc£tf/£/ttt:/a^A#C 1 l<Dffigr?is>tc 

FS-RISC26±-Cllfrr5r^!I^H> 
^d^a «tt -r-:/ 6 * * * :/ n ^ a £f?fj 

Stuof-^pcp 1 7^^4nci^rt 

[0039] ft^;W>f^X7^;l/K7 2{CMU 

1 Ofcf? FttfOrtS»S^«3*irc^»«jRr. 

rtS5»^«PT I P 1 3, CT I P 1 5. CC1 K P 
I 2 lrt<D7>^v^lf (randomizer), & 
<t^FS-R I SC2 6£^tf. 50 
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[0040] PDUS$7-/^F73tt»iU<H3 
^> F D V - F 6 7 tC3K< ffigjHjRftftc-S D 
?-F*StfD«7- F©»*5Vf. g<*? -r-;l/F7 3 

zs3^7=-5sl^. y h<D1^*-fX(i4 0 94D7- FT* 
0, Cn«1 3 1, 0 08tr?FTNfe*„ 
[0 04 1] MLS*^7^-^K7 5ttAPDUCD« 
3cU^n,*«jer*. »*Ll»WB5«Wtt. MLS £ 

LS^^ffi<tit®3tl^. 2o©£^Mg£L£l»Jg 

3*i£o *«WflWff*L^SK(UBJBrtt, +-©MLS 
*^t*g*-<fc*#:n~ FSnS^^m^-fffiEO 

[0042] ffi5fcKtr* F7 6ttAPDUCDfc#><E>«5fc 

n«#fH^ra (non-real-time) fl!±m$:ft 

[0043] Aijf^7h77 fcfiff* L < 
<D^y#DV- F«tftI*6ftS. CC1H^7^7 
- F<D^ Vt^ ? ysWftaS tiS i £ fC&ST 

[0044)05(1, *f£9!<DJhf* Ll>llifeJ&gtCfct> 
r«6M-r^(D{Cjfil//c3v>FD'7-Fcr>7*-'7^ F 
^riK*r. nv> FD*-F67fcMff*l,<W:£*OAP 
DUOCteW^ff^ODy-F-Cfc*. n^>FD»7-F 
6 7 1 0 fcTt^ F®37> FI D7-r —)V F 8 1 . 7 
v h©j£S7-f-,iUF8 2, 3bf7KDS*^n^A 
#f (RPN) 7-f-^K83, btr^FOAPDUg 

JUF8 4. x^rer^F8 5. fejz^y^-f 
Dy j —)i> F8 itif-^^7 F«c*fbrilff3ns 
7 r p^A«:*furft£jn5. 5? * i^syg^src 

». J/XfAl 0(C*fLr*3R<D«^»^C^ ff|B», 

»; *- 5^ 3 > V 7 h XT (C>^ L A P D UCDt 1 - £6B# 
(M^.tf, A7y^-^f-^7^-;l/F6 8) ^ff^ft 

[0 04 5] l£§7 -JUF8 Z&UMStiltr-ZzL 
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1 0<DXmzL^? btC£-,X&*£Ztx*>. WILIX. PC 
E 1 4\t\ftfi4>$v *-A7u^yV^<o^—$^z- 
v h <Dmm<D& K) It rfmScT (process ing 
complete) j j£§*Jtg:7 4 F 8 2CC» 
&T£C<t#T£S. 0«{C V CC1 lfcl:^-*^-? 

[0 04 6] RPN7^;l/F8 3 *il?3jcB5£<D (r e 
quest type) A P D U«Cfcl>T £<0*7utf=y 

Cl It*. 01*. t£. K-^fcx>i/>cr) lo^SESM^b 
ro*#yi<D l ok: v * e>^r*/ctf>K:R p n 

T*C<t#r#£ 0 RPN7^-;lK83ttCC 1 1 *J 
AP DU ZJEbi<*7u^ ctWXZZ J: 51c 

TSf&gA PDUft *^ Y^^XtCteW 
-T, ffiLlr^Jg^ffi-CW, APDU^SP*:* F*>£ 

K-fe^hSti*. ^n^A^SUJO^ci^J:^. R 
PNVj-JlFQ 3fct^X^Al 0<DHtf^7 Ffcfc 

>p, ^^>"^^<t^"^^rg^cc^ogwarr o 

X&m?Z>. ffiot, RPN7^;l,K8 3<DffiffiCC<fc 

[0047] APDUg$7^-^K84ttAPDU© 
1^-<X$:tt^r^ 0 ^'Jrw h8 6^7> FD«7 
-K6 7©^#*cjja*.6ft£ 0 CCllttS^ 7 ^7 
- FtCH-f*/* ^tl^37> p D 9 - K 6 7 

(H3) *^T*<h*tCt^T*t<b#-CS£. 

f-^^t. ^7^D»?-F6 6 (S4)<D^** 
Jl^OFZXy Y-/UF7 2 04)«CCll (a 

l) tcJ:orS^^tiXAPDUCcigffi$ti^^+^ 

)UT-zr)\,9 0(Dft (row) *i-*;U;r 
l 0 2 4 «7- Fg<* x 3 2 tr* KD^-^Ol^Sn*. 

cc i i ««ysx>^>i 4*5j:^i eic^r*** 

^9 0©7^;l,F%ffiffln. ^ + ^JUir-^90 
W:2e* h<D»9ST6tifc»a7*-rt,F (alio 
cated activity field) 92, R 
*tr-fcrxt^ h93. -b-f^/< v ^tr„ (save 
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back bit)94, 4tTr? KD^P^AI D 
^^-^K95, 1 7 fcT* KDoJSlT K^7^-;IF 
9 6. 4tr* F<Dg<*:7 a WI/P9 7. *>\fctf3fcf?h 
<DMLS*-£i/? y -/Up 9 8 
[0049] :/jU9 0<DtSfRteAPDU£ 

>££Stf 0 ^^^;l/>T>f r ^X^^- J il/p7 2^^/c 
PCP1 7 (tmvmx htlXl>ftl>* + *)Vfrttl,tZnk 
~?Z> (point) C<L#-C#£. ceoig^ CC l I 
i*MS#?Tfr*l£KMCE 1 2^<tf r -*^x 2 , 
<C<t#T££. — |&Ct, jfflittKMCE 1 2fc<£r>T 
0J^-c— ^ (exception basis) Xift> 

[0050] ^ + ^^^>7 ?r ^^7^-il/P72ttFS 

-r i sc2 6±-cnffrsr^y^-^3>^n^5 

20 A(077 h^XT«C<toT»IOaT6tl^O^ * *JK£ 

<D±*K&vzm<D£&&&&?:tLt l cj:~yx. mm*. 

b &mtyi<c a p d u *mmx cct* . 
Sfbi^+^^^j^$n^^i.^iastoct)5n/c (t 

orn down) KMCE 1 2ttf 

^9 0fcteC>T#rlA>x>F 'J^j&L^^ttx^ 

30 -7 r ;l/9 0ttCC 1 lCD^^ty 1 9CCfaW$n-S, 

[0 05 1] &<7©ft*WCC 1 1 rttcrt&tfjtctt 
^n^MJit-^^^^«3lg (channel st 
ate) £?r^£o ^^*^tS(a6ftLr(r^3Ha<7) 

n>:r^X F^PCE 1 4JfettCCE 1 6±rHffL 
rt»««^«:ttf^KK (running state) 

tc*^ 0 0^L^mmmmx[t. pcEi4*?<tcxcc 

40 E 1 6 tt-lO^ft < i t 4 o<Dy * y^Wl, Ctit> 

iitf>^> < P ing-pong) m^cmvi^ 

<0* + *>l>im^ftl,Xl>2>Wlc2:<D* + ^;W5ci- 

^^y^r7trfc*>^^T^^6T^^^^ (ac t 
i v e) P^ (s h a dpw) ^iS!{fr^. 

[0052] &(D&tctm&®? + *)\,tm\Z? + *)l> 

7 r n^^±{c2^PCE 1 4^/diCCE 1 6 £ 

ra«T^2>+ p^y^eufc^r^ci^-r. 

so -RAMOtcffftL^o^^ F^yjey{c-/>x P-;l/ 
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Sltimffin>^i;^ F&cfctf/Sfctt^n^A^PC 
P 1 7<D®iaiO^CC*^0agr^5 o 09;U*. ^P^^ 
AttKMCE 1 2tC3b2>{,>lX9i.$lizi^?'#x F^^rUfC 

[0 05 3] l^fc^t^^PCPl 7(Cfel>rfi| 10 

I s c 2 6 tcfeivrUfT bro^r :/ «j 3 

)U-zf? h#PCP 1 lK.*s\<fZ>* + *)\,ZL<D (p e 
r channel) Smtftftmic J: ^xm&Z ft£ e 
S£oT, «LMto#7:/l/^-^a>tiKMCE I 2<D/r 

ffi&LtcAPDu^pcp i 7*ii-prs^srr # 

[0054] 7- * *;Uf£3fr:7 ^ -A, F 9 2 liWa&fc:* * 20 
#>tCF S -R I S C 2 6 CC#*&£*i*C £#r** a 

^**^ffiS&:7^-^F9 2&*Mlf£n£,, ^ 
^^^f£S&^^»;uF9 2td:^fcKMCE l 2(c<t^r 

i". "i o" -l i- zm^xwMztiz. m 
&<D*tci±jmf<Dm{tism<DA p d uzam-Tztctbtc 

&V 4 -)V K 9 2 <Dffi(i * * * JKDS&Ct&ffl £ ftfct* 

[0 05 5] »W-fcrxtf* h7^-;lK93«PC 
E 1 4SfcttCCE 1 6±-CHtf LTC^T^iJ^-^ 
3>^P^7A^FS-R I SC2 6±-C*tfLT<,*& 

r^';^r-^ 3 >^p^A(c < fc^T^Ffsn/tSfse5 4 o 

^® (global variables) lCftLX%r 

**tr* F*fcu^ex«*tr? k*h>* h 3 tiro 
fs-r i sc2 6tt^py^A#B*ft-r*ir 

KttfllOT£tt$8£t^T*. v ^ * h 9 4 « 

tt*>irr. 0»*tt. n>f^^KJCP-RAM9«:* 
X F«-^^Ix>y>(7) l OCC:feor*A3tlfc* 

fctt-o* h-^^nrc^t^j^p^AMsti so 
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h<DO< oj&>$fcirr^r££*ft:»tt-te~ 

[0 05 6] T/ay^AI D7^-JPK9 5ttTJl/=fU 

b<fct. yp^7A I D7 -r-A>F9 5(JCC 1 1©^ 
*y 1 9rtCC#^^^ay5AT FU*f^-:/jWCfe 
tt£fT (r ow) £Jg^rr*. ^n^7A7 KUXr- 
>0u«. £9£>tt» cci ltfRftS^a^A^iisi 

«J^T FUX7^ -jb F9 6tt^ + *JUt*fT*nJ^£ 
/cli^af-^^gfSPCP 1 TfiCD^t'jpT-" 
5^H>CDHter KU**«JE-r£. nTXSfeKgE&r F 
UX7^-^K96^^-T5C<!:k:J:0, CC 1 1» 

So 36k:. SORT KW^7-f-Jl^K96ttCC 1 1 tc 

ML^f- ^^cp-ram9(c^o ^-3>^ace^«c 

»l,rCCE 1 6CDPCE 1 4CD7£>r^ ^$/c(Ji/t 
<«HS5nS£orCC 1 1 #A P D UA^fCOfflS^ 

r^rc^^s^^mjAPDU^^^ F»>>*y^ 
&x*^3ft«^»*>^£ft^««j:9fcr&. A 

Pou*sj/t F^y-ti/fcxsr^stirosHKc* 

[0057] ttSfid 7 A -to K 9 7 tt±r^fcCt« 

t^^3^ -f-iUK9 7(i*ifP<b 3 2<DD»7-F<i:<Dia 

*-©«3RU^;U*W*-rs < 1 i s t s ) . 
y 4 F 9 8 OffiCJ A P D U<D^ v #D O - F 6 6 <D 
MLS^^y F 7 5 KfcorSfgi* tife^ ^iifc 
^3fl^ 0 *r-Zify V-JUF9 S^J^J^n^^^^ 

*fbr^^^D«7- F6 GOMLS*^:? ^-;UF7 6 

^r&4„ 

rfiEflar^cDtcsu/cyn ^at kuxt— ^udm 

J**!?? -f-JUF7 0 2, ^n^5Aa-5r-^ 3 >7 
»;UF7 0 3, #/J» (red/b lack)7^ 
iUK704, 7*oy7A7FUX7Y-;l/F705, ^ 
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-Jl> K 7 0 7*5&U$m&2y a —)l> K 7 0 8 

95 (H6) tt***jU7FU;*?--:7jl,7 0 0<DfT 
(r ow) S£ot t &*CD^**Mi^P 

[0059] ^P^7A^^^7v-;bF7 0 2^t 

^A^>ry^^-^F7 0 2«*/t^p^^A^aM^r io 

fc^f^^K Wittt, PCE 14£/cfc*CCEl 

0 3«^<D^^^JU^^tr^^ + j^^^ai/^A<DP^r 
-v'sr^^aarlT^. CC1 ltt^n^7Ao^> 3 
>7 ^-;l^K703 ££&8 Lr-en*5A P D U£r#lST 
^/cfetC^S*C«^K: :/P 9^ A <0 P — is 3 > 
TZ>. 7*p ^ 7 Aa ^r-j/ 3 >7 ^ - K 7 0 3 li$/c 
T'O^Aj&SloFS-R I SC26CCj:ora-K3 

W^/c^CD^Pi^ACDl 0(03 tT— ©^^fffiELsCpo 20 
-en^PCE 1 4*fc«CCE 1 6<DJ:^^^0S^>^ 

^AP>r— >3>>> -f -JU K7 0 3ttlM^^;^ 

y'u y 7 Ao^y 3 >7 ^^F7 0 3u$fcyny 
^A^^-t «; k& o^o^gctjfccr^ir a 1 o 

^>^h-^8J«:KMCEl2«:J:^t:)RS$n^^ 30 
[0 060]*/S7^«^K7 04ttffiL<nyp 

7A^e$7-a^7AT*5MiUttKS7*a^7A 

* (b 1 ack) ^^*V<cra3ft«tt<cB4|ft3 

*v ^o^^^ey^^^P^A^s&L/c&ccW 

&SI*tti>. *^©»^LC^HSfi^flS-ctt, ft/my 
a ->i> k 7 o 2 oft 8M * «;*j^p ^ Asee©*^ 
^Snai^^stiW^p^^AatSo/ctotcJOfflr 

[0 06 1 ] 7'P^7A7Kl/X7^;l,K7 0 5{^ 

* *;u:/p ^ a£ tct**<D? + *jwc%t? *> zfu 9^ 
A©>^ijp^-^ 3> ^ aS i| rSr FUX*-f>£:£ 

K«yp^-2/a>BPCE14, CCE1 
6, CP-RAM9^fc«^a5^^eycc*-SSC<!:^-C^ 
CC 1 Ujyp^Ar -T-JUF7 05^ 50 
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i/tf t^^7*p A<ofiis£#g£i/a>o-£ti£ 

p A^fili > ^ XtikXtfoC p - k s n« -«£ 
f** WB^P^AT FUXIi^py^As&sStt-r** 

[0 06 2] 7*p^7Ag?7 ^-JH # 706tty*iJ 

Kf£t83*l£^ + *;l>:7*P ^7A07OP3- F<Dtf 

-/X*«S«-r*. ^7>^D-7-K7Y-^h*7 0 7(J 

CC l i^(Dy^';«c7'P^7A^-/>^ h-jn,fc 

f&KCCl l3P^*'JP^~2s3>{c«*j&tH£nSfc 

2 D "7 — Kti^P 9 =y AX^-X — ^ £ft-c 

^A(CiK#ftySx>t/>c9^p^A^-:-^k:S^ 

[0063] £ftfi3 7^-;l/F70 8ttCCr>|$SCD^ 
P^^A{C*>C*Tffiffl^tl^S:cDg3^tfo ^KCD 
S3 ttlij 0 ^P ^ A ^O^ST £ T^X <0 * + * ^{cfcf 

itgici-rscim^ ^p^^a^kcds3« 

»^b<«^Pch32D'7-Kcora-r*^ 0 CClltJ 
^ + *;KDn>7^;* h*i!Mx F-;P 

[ 0 0 6 4 ] m 8 it, *^(D»i L imtfaBMlOs ^ 

-cmm-rzvicmLtc-te * ft * (con 

figuration) 3ME<D:7 P-^-f — F*C*£„ 
^iai0 0(J->Xr-A10{ci:or, iObtl 
Jl'^iffctJSSO, ^S8Sr^^ + ^;^p^ 
A^PCP 1 7 (CP- KT£fc#ca?*>ft£o *%^cd 
^P^^A^jegBg^^lg^^A^ -e<DX-^-^^7 
^(superscaler) ^P AoJfifeT — ^f 1 - 
f>*«cj:0» ^tcSftf^-r^tKo^co^Pi/^A^ 
fcottm^ Ctl6<D^P^AttFS-RI S 

C2 6offi£^i/-f^ >yy^fAir^t^v 
x^r^^-e/3>7*p y^A^6^>^ h-^sn 

^, 1 0 2{C^Jt^r, KMCE12«^rAl 

0<D*fiSS^ (components) J:Cf*^X 

7^A*sj@ftj{ci6^orc^c<b«:«iET^/tJ?>i;-b^ h 

tt, ^X*T^y4r-^a>^a^A«Jji.«*^H 
03^6>KMCE12^P-FSh^ #*W<DJW<D 

^tt^isrii, r^»;^-^3>^py^AttKMCE 

1 2©y*i/2 5rttC#«EU, 36>oy*r;2 5*6FS 
-R I SC26^iP- K3hS. 
[0065] 1 0 6(C*JC*r«. 5?X^104(C 

n - k s n^ir ^ «; u 3 > ^/p #^idism=i 

3*1. *?gb<t*FS-R I SC2 6Cr>^^3j*^u-^ 

v >^x^A±rntf3n^. 
[0066] i 0 8m>tu % 

^P^AilCCl l«C»L^^*^gm$Bl 0 7 
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r+zfrmmfmiftter+wmmttm (c 

hannel definition informa 
tion) 107tti/XfAl 0rttciatg3ft&£l>tt 
9l$l*ZbtC£^TmmTZZtifi~eit2>„ CCD*?*? 

T F \s*-T-zf)\,l 0 0<DJr^^^a^AT F l/Xf 
C n6^f-^WiM^ fctiftfljy * 'J 18 (01 ) 

I^>^> 1 1 6(t:fct>T^>;* F-^<*n& 

5. APDUO^^jUY^f^XtiCC i i 

tc^^^iV^ay^A^^ (^>) Jr^cc^-tf^oc 
CI UJCCD^P^^A^: Y>X h-;UL^o^^p^ 

[0 067] r + Zfr&mmi 0 7^n>T-^xhcr> 
^©:7p^A$fctt:/n^A-fe^> h<h<D0«S 20 

&ftitmj£-rz>mn*&t!* mf*-* (e 

xecution code) <D&—<DX U ? F ( t h 
r e ad) «^**Jl/<DW"C&£. 3>f^Xh^ 
T*^l^^V*^AK:fcl>-t«: t ^<0|5jB$ft& 

F#W£L<teftJ$;**v& 0 

a#, iotc*st,*-c\ s&s(3*x7fcf&, T7*)*r 

P 1 7(DCP-RAM90J:^^c>^:i;cc^^>n— F 
a^A#*£ 0 

[0 06 9] 1 1 2CCtel>T!;i:. fig^+- (en 

cryption keys) iAiy^^M. 1 0CCP— F 
(7£L<{2. »*-tt7-f A.#-h (fill 
port) 3 4£iIL/T:/Di/^AnJfig-f >£:7;c- 
^a&T. DESIg-^*- t a'^v v^fcjctf:/^^- 40 

5£(D*-£^tf. UomUHBT hc. y * y 2 5 « 
Z>. 2X2 1 1 2tttt^igtRfcKcFS-R I SC26K 

fcur*-£&£r**-#££*>^ 1 1 i*^tfci 
FS-R I SC2 6fcJ:oTtf*>n£*-% 

r^ffiffl-r^ct^tfci^r^s. fs-risc 
2 6«#iS8^>^^tf (randomizer)^ 50 
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fflr * c <t cc<fc * b<D*&tbxmfmtctoz>tiit$> < <d 

-WFS-RISC26 O^ftCDISICtS-* 1 * * H 

[0070] fcb^X^l 1 2 1 1 1 

fHit-x^^p- (key e s 

c r ow) tc£r>xmm-c$z>i><D±~rz>ct&'c£ 

1 1 2iiifc*-£^-x;**a-6t&&-r 
3*;*^£SifC<!:#"C££„ *X*1 14{t*Jt,>T 
fct. *-fct^**j!,t§«l 13^«ft^iK 

«CCP-RAM9$/cttPCE 1 4$/dJCCE let 

So £*^1 14*sS7tSi, ^fA 1 Ott^-Sr 

[0 07 1 ] H9fcfc, *^<OjffiUl^^SStC*5^ 

~-**~~F-C#* a *fib^iSJ&®'C«, ^flS2 0 0 
tt^rAl 0 o r^m^ n/cg- * (7>:r- £ ? 
FOCfcfUTjffcn*, — ffifc, ^J@2 0 0tt:<fc*ISf6£ 

f^SLbtc^ S'^Al OtiMSStxfcf^^a-? 
FfcJI-SG*;* FiciorfiJffl-C*SJ:^{cT-5o 
[0 07 2] Z>\>7 2 02«:*Jl»"C(i. 5 s - ^^.^.^ F 
te^-SP*;* F*>^^>^^^-x^n-fe 1 3*fc(J 
1 SCCfc^-CSmStlS. F«fiF$t><tt 

otl^ 0 ^-^^^^ h^95^^ FJCJ:orffe<07 

mtf, APDU7*-7? FTT&^X F 'J-Af-df 
(stream data)CD»^& k PTIP13$ 
/dJST I P 1 5 lift* h l J-Af-^^yXfA 1 0 

T§fi£ft£Bfac^-££APDU:7*-v? htc^ 

-v* FCC^feT5C<h^rl»tfSt>^»<ait^Ci. 
[0073] «J5£t9« (Configuration 
informat ion) 20 3 \Zi/^7~2*<DT~7y *r 

tl^^>^7x-^ APDU7t-v 7 h|M t 
*$<fcW»OPT I P 1 3*fcttCT I P 1 5#APDU 
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[0074] *x^2 o 2(;£^-sjl-^ h^aaww: 

v<DWt\±tdtm&w- b *ML,x&&i£tc&m&m& 
x&farzct&x&z. ^-^^ b&immxjtc 
^mztLzm^, ^>*7*-x:7aHz?im5*ss*x 

[0075] 0 4*Cfot>TfcS. A#>f>*:7:* 10 

7-F6 6 (04) <OfcT? F7 6) 

w^tccci lichen, ^n^a^^e^^ ^ 
h#J£6ta£ 0 *x^204<d— SP<tcr. -Y>^^^ 

&m&mz>. 20 

[0076] £X£2 0 8CCfel»Tt2. CC 1 1 ^ 
wl/K72^^t^JW>f^X^ 7-f-iUK7 1 
#>£APDU£-f ^UTt*-*^— ^ bO^v # 
D9- F6 6<DML S #^:7 * F7 5 £§!«&HK9ig 
f^-*^-* F^^^/c&fcjS^&^^i^n^ 

^A*$j:^^*®^^r5. cc 1 1 itgftzzz 

2 0 8 3) — 8P£ br A PDUS^7^^F8 4 £H<fc 

[0 0 7 7] 5rX£>2 1 OtCte^Ttt. CC 1 Hi^> 
^^-X^a^lfGC^Of*-^-? F*, PCE 30 
1 4^/c«CCE 1 6<DJ:3fr&SJ->^>;&£l>W:F 

s-r i sc26^< <t^ri^^ 0 mm*>ztis[* 

»^^2 0 8^e©tS«{cS^^SJR^n^o "n^D 
9- F6 6<D? + Z)\,-{Z/72X7 ^-;UK7 2«f r - 

-RAM9tC?g#>tv fcrPS E 1 4£/cfctCCE 1 

E 1 4$ft:ttCCE 1 6<DU + F^V^ey tcig#>tv£-C 
r^n?nPCE 1 4S/cttCCE 1 6K<fc£jaffi;£f$ 40 
^. 

[0078] £X£>2 1 0<D($K\ CC1 lCCtetf*:? 
U-A^:c ^ ^i/->r>X (frame check 
sequence : FCS) *?&f&M(Dlnl<D7 : — 
5rzL^ 7 h<D5&£tt£^£. F C SCCj: orrag#» 

U/c$^*Xhfc:B5£ti£„ ^^^D»7-K6 6CDPD 
7 *-A^F7 3KPCP 1 7frc^ry^rV$S9 
O^T&fce&KCC l ltci^rffifflsn*. #*9J<3D 
1 2x£>2 1 o^x-^jl- t7 hco^ 50 
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P- F^#<D**&JIx>^>tti9< £ £££tr 0 
[0 07 9] *X*2 1 lfCiJl^rtt. -£<D1$3£<D* + 
^JU{c»*r^n>^^^h^y^>n-KSn^ £x 
£?2 1 2( f c^xu. CC1 lttftWn^A^t 
®^«Ix>^>k:^>p- F3*i£J;5k:t*. 
P^Ktt, ^n^A«PCE14JfcttCCE16 
(H 1 ) ©Vt F9^*'/K:p- F£*i*„ 
[0 0 8 0] £X4?2 1 4{C4jl>-Ctt. MLS^ tf? a 
-^F7 5&* + *)ir-7)\,tc*sVZ>$tf (T%:t> 
MLS*-*^:7.<-jI,F9 8) iJtKStir^o 

b ZXVXZfrmt&Zm 
-r&^ry * —fr b J£g#A# A > £ 7 3: -x ? 
-iUUSS**©^-*^^ h£&«l,;fcfl-SJ*x h 
[008 1 ] £X^2 1 6(C«$t»r» % CC 1 1 [Zzfa 

9 Ftt&T 5 -*^-* b&fam$tiz>mm&-ezz>$v 
£X^2 i 6«i/t-e©^ + ^^yciy-7AK:*fr-sr3 

[0 0 8 2] CK^©f-^^v HCC*tLr. »J£ 
VlT-Z^-v btCtt?Zm%*>V>>{ZF S -R I S 

C2 6 <hi> -e^^o cottSL-c«, r^y^r-^a 
>^n i/^ A**— «KTTK«ifE ir «s 0 x . 

^X^?2 1 6C0^n^5A>f>X JKO-X^sr^tttf 

2 1 6t*CC 1 l^KMCE 1 2fc*tb7 r -*:x^? h 
3W-rf*tf2 5©J:5ftFS-R I S C 2 6 CtBKTr*^ 
FS-RI SC2 6CCSErt"iy^^-y 
^x) ^tu-F2tiX&K)fr^m&<DmM&X£Xi,> 

z> c t zmtor? z> 2 x ^ «$t». 

[0083] £X^2 1 8CCfctr^T«. 7=-^^^tr b 

«cggJSr^nv>F^^6n-5. »il<tt 
^?^L^- y h^v>KD9-F67 (03) tSl^ja 
Sx>^>{e:J:o-C^ffl3n (dfX^2 1 0) . i»3 

CE 1 6"C*5J&&. J&Ix>i/>«n7>FD7-F 
67^CP - R AM9 (CfcW^ ^©SKffigJ&^g^ai 
T. Mix>y>^F S -R I SC2 6T7$>^m^. C 
CI 1»3V>FD7-F67«y*y2 Sp^CD^-^ 

[0 0 8 4] ^X^2 1 87Wft)#iA:^ 3^X^2 2 0 



25 

•7>KI D7 4-*F8 l*S#Mfrr&. CC1 1 ttfti 

ji x > ^ > tc a * + * )i> ? u {/^ a j: -p r 7 s - 

mtamztifc m^tztitt) f-^cTi p i 5 
mztitc) f^^pn p 1 3<<cmz>ct&-ezz> 0 

tt?6CC®fflT5/cJ6CCCP-RAM9(CSI6ti, &Z> 

ir>w:F s - r i s c 2 e cc^* ;* htLZ>®m<DfcibK.jt 
*y 2 5ccj£*t:<h#rars. 

[0 085] &3?W&i!yi«tg2 2 1 ttRf^ffc, »g*|«? 

fl9Lftt>ISig££t*. *X^2 2 2<DRgtC, mt>JZs$ 

3"* (a c cumu lates), *?£L< -7 s -* 
jz-? h(Z>&*©D?-F#s#tJg£*i£<h. #y®£*ifc 

^raL— ? bCD-jr^XCDfQM&tlttDy 

£WT*t<!:£iIfci3n£ 0 £*^2 22«$fcAPD 

>FD?-F6 7 (S3) 0£9tt=i7>KffNfc*ai*. 

v KCC^oTl^CiSrCC 1 1 **H«J-f > * 7 ac-x 
[0086] #X*224<C:fo<,>Ttt. -f>* 7 *-X 

£g3fc-r*. 5*Sf*x Y*3&vmtm,$v x. 

/ci(?)CC/\>K^^^^^n (enga 
*e) CtmS. **£2 2 4<D— gpiLT, 

[0 0 8 7] l»<-?*4)tft£ % f*-*:^* HccttLT 
tflIIfito:&ffl#tT*>ft*. f^^2 2 2«cfe^t, fel/ so 
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^Siift:?*--*^? httPCEl 4J/tttCCE 1 

e*6cci l^s^sn^. cci la^amac 

^5)11*0^^^2 1 0 — 2 2 2#S&£*l£. 
[0 08 8] T:/«J^— >a>yp^Ate^-*Jz^ 

t7*-7yhsticci i&£g>&&£3ck:7£4-& 

r^ye^ti^occi lfc^orgqfeAPDUi^tc^ 
+ * a«#«b»%& c t ft J: -> rSf63 ftUff -T^d 
:&<D*X^*St$&r* 0 

[ 0 0 8 9 ] *%9!<D lXMBftftrtt, APDU7t- 
F^C©?*-*:*—* Hi£X^2 2405f9TK;ff^* 

-v^sn^fflgissn^ apdubi 

^. **W<D«S^Xr'A«^'P^ApIif|'C*l33Cri-3 

^-cduls i^it^ffimuresc^^py^A^^ 

[0 0 9 1 ] *^<D^P^AoJfgBi^^^X^A 

(cai/n^o ^^©^p^^Apjfg^-^ftra^xf- 
rn^^xh^uf^py^A r>u=fyx 

[0 09 2] *^©^P^ApJtg9^V 

^f-AttjEc^fflor ^r - ^ 3 >*ihj*- h rir 

^ * *MiSft ^Bg^S*> J: tfl8£ fcoc<b*«T* 
5. *%W(0^py^A^Jfgag#VX7 : -A<DT-+^^ 
^ * ttiEL/C^P y ^ Afc J:CJP«tB*S7 *4}\,*>4yf& 

[009 3] *^W<D^P ^vApJfigBg^^X^Att^ 
/c7b-^>^(f raming) 

(in-band signaling) (D<t^ 
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a»o>/x ^ a#h* ©«gas«cfct,>T®fla*c£ * <t 5 

[0094] L^HSS^fl§r«. B^II8ffiK*t*rS 
MW^X^-^^KJ, «*(D:/ci5^A<D^B$ 

a^tftc^f-r^feo^s^r, 5 ombpsc^-soc 
u^ewas^t^^iasw- ht^x©^x io 

?<DJi y*#^> F<DWffi£tci*W& (backgro 
und staging) CcJ: 

[0095] *^«H8$^i6f^T^fcfe«:^^S 

^ajsitcf^r ^ # * + & ^ ?• A^ggw 
[0096] Lyl^HtS^ffi"C«. &&m<D%mfx 

S?* > h > £ 7 n-fe ? -*tto £Z?J* y >? > 

t z $X&<DX.triscjL y$c<J; W X 
^3!ft<Djfc#><£>ai(r» (Deep) zf^ A >~?U>& 

^TSCitt^Wft^^^filO^n-fe^if^^ 30 
Ml//c*SfeKl*f IT 1 0, 000 <&<DttfigJi<D*<J* 

[0 097] DSPCD®^flg^Klg^a-b^*tf(cJ:-Sg 
Wtt'< y2#v> F Ccfe^TiSSffiO^ 5? X ^ X ? ^ 

imzmm'tz 3 o^smss®, officii 

&©^cc*tr Officii ^mt^, 

[0 098] ^^W^^MS^X^ACc^sCiT^ * 

"^^-^^^x^Aoffirs^^n/tt^teo. 

*^C* (vulnerable). C<£>G5£te<D 'J X 

xxA^ecfK:^— <d*^ •/ ? ^ Jitceasn/c 
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S I HJfeJ&figr KULSI 1/ < «^<Z> J: 0 
S&Sfc x - £ <D&g£ 2 6 KStf fcT Ztc&>#4 <omffi<D 

zfu - sin -7- ^ > ycc <t o ra ^ 

[0099] ^ A^ffikfiffS 1/ < tt^- F 9 

CDiS^ nxhcDif^ «AW*Olttfc fc<t^J:Dfi 

it^L/cfiStt. «*rSS<^«*jJ:c/<t0ffic^x h 
[oioo] 0^{y^msmmx^ *^«*/cX> 

[0101] *^kcdW* L^HMffirtt, 
^A(i-etie^^x>^>eca- F^tx^^-c^ 

^n^i, ^o^A«a®^tgtc5n-s 0 iff^bt^n 

^B^n^^-^-fefoft^nS (zeroed). 
[0 10 2] L^^t, m^tl/t^WJ^a^ApJ 

ggpg^ffivx^Ar^^r, Sflg^ftM^x^Attf 5 
-^^l^^ h €r*^ST i tc&><D -?u?^ A njigffa-if-:/ p 
•fe^lf (PCP) , fcJ:^^^^-^^^ Fcc^^ 

^saaias (co ^it^ct^aiL, *^faiE 

f 1 — ^^L— y b<D&*{£^y #1 JbF, 37>K7 

^-;WFijJ:CX^^a-F^^6^:^, )6^j?^CC 

^fc«6<D^I9:, b?S^7^-/-;ufk:*5WS^^^ 
^^V^^XCcS^IJtei-ocD-r-^^^-y F^rjagl 
TSfc*k:^»cD^^^;l/^'a^A^6^ + ^Jl/^D 

tPCP tc*stf ^Ix>i/>{c^i ;l/^a ^5 
A*5^>u-F3n5<fc5{c-r^#®, ^LTiol&ja 
Mx>^>{c<tSfiiS^R)!Lr|Ka^^O-F^»* 
PCP-vilBS-rS#S^«b. ^UIB33V>F7 
^ -)V F«*aax>^>(cJ:orS5(f2 1 oco^- ^a— 

(i3e>(c. B^iaioco^i-^il'^'n^^A^rlBffiTS/t 

(D»2<Dy^«;. t?ieia^^-rs/c8?>(CB5Kio(3[) 
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^—Zzljz.-? f-©av>F7 a — il> F£g?*HK£ fctf><D 

[0 103] 3 ^f-A^^n, ^v^^Atc 
7 4~JUF*£0^n~F80«>6tt9. ^ofufBP 

y ** etc/goto) * $ ^ A&tmT&tatxDm 

£2^-*^^? F <D^©»3<D|ffltC HiTffi;r- *3L~y h io 
<D 1 ^<DMS*^Mbr*aSa:>^>cr>m2 C0> * 'J tc 
2^>P- F£*i£ 0 

CO 104] 3 6fC. ttSdexF*^--*^? F£ 
SfaLfr^UmZtift?-*^? F Kc« 
j£T£ffi&<0^>£7x-X:/p*fe7l^ ( I P) 

<0 1 tift:S»««y|x>^>(c J: 1 r><D 

>^^^-X^Pir^t^«Baf2lO(D7 r -^Ji-^ F75i 20 
PCPCcJ:«|Bl«6Tbft:C&«j1«4sx FCtiifcnT 

l©fc©t#*35*;* F^t^zlx-, F«mgj(BftK: 
[0 105]£/c fc PCP, CCbiOWlfcJ:ot>[2 

* ^ ^ $ tret,** . 

[0 10 6] SfefCS/Xf^jWjidtl. CQW^flffBT* 30 

^ Ftt^*^:7-/ — ;uh\ Dv>F7^;l/F 
*£e^^ti~Fat»*>&&!) % PCP(Jf-^a- 7 
F fc#OTffit8£j^^£/ C i64>ft < i 2 -PCDAOSix 

^?^7^-*iUp«e^£^6[}^a t 

*i^p^A^6^**;l/:/p^A£^flT*^ 
S^^^iW^P^A(cS^i^ia;>^>(Dlo 

^P^A^PCPtC*J^^igfRS|a/tftiffia:>^>tC 40 

* p c p KBas-r 

[0 107] Sfcfc. CC<t*S^3nfc*-g3IIg^x 
>i^> (Key Management Crypto 
Engine : KMCE) «C<t-,tMftW^ni^ 
^AitorcSn. ^oc(D*&PCP«$6CC^n^/^ 
AnTtg^x>^> (PCE) *£0«ft£i9tttt&»x 
>i» (CCE) *A«U a^CCtt&^Q^-*^ 

r^^*n****iw>^x4cs^&&*(^ 50 
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-SrzL-^ h^«rar6yt^^x>^><Dlo^rJi 

cc«<^ft£A«u g?fE^^n/t^#x>^>«g 
» F KttLraa©^ **;u:/p ^7A© 1 
-?**f¥U ^offSlo(D^^^;l^^p^^A«Bga 

10 *:xx „ b<omm<Dm( l cMiRztiit.t8n*>is>u:tm 

3 ti £ J: 5 (tr *^&**tr 

[0 10 8] 36CC. CC^S^CDx-^^l^-^ h&C*t 
b-CfflK6T)^^^;l/^pyvA^6 1 o<D^+*il/:/p 

^^^;U^p^A^J;^Ha[T^n>r-^x FfcO/t 
^otf-^*; F©&*£&&T*fca&<Z>^®Sr*r 

20 ttr&WR (s t a t e) tfffifc^tf oT*J® 
[0 10 9] *fc, av>F«M&J:0W 

mm-rzr-z^y b*%m~?z>tc&<o*ir*)\,7u 
z^-y H©^^p-FO»fc»Lrsiffsn*^*« 
* icj: o rsuti^ ^ r ^ii/^p Ate ufcj&s-? r 
^mm^ulzvV (PCP) k *sJ:WW32^v*»» 
tx5 ?t^;^ay7 A3&1 p c P fcfett ^ffiix > 

^>tcy^>p- Fsns j:9ccrd«#Mmsxft:a 

^>^-7 (CO «i«ci*1«4L. 

me.o c «iaia-<>r n - Fasa«*?- + ^ ji^^p acc 

[0 110] S6(C, ^X^A^^tl. ttJ/^fAtt 

mr-z^-v b <o 1 ^&&m<D tctixomm vzzct 

*CCCc»fii'r*»l©-f>*7*-x^n-fe5r^ *j 
J:CXPC P^6bu22 1 -oof-^^? b<D$BM$titt 

Bs&z&mL. ftffixxb&mizr-z^y b<D&m 

fr-otms titer-* zl^? h«nff^xMc#Hs) 
wwec^-r ^ fci?)<om 2 <o ^ > ^ ^ x - x zru -fe v v 

to 1 1 1 ] ^-eSBt-^x>^> (KMC 
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«^i>i»«^a^^AnItg»f^>t7> (PCE) 

(CCE) *ft<iU avoCCttf^*^-? hKJ:^ 

o > # v x - x ^ a -fe ? tm * — <D y ^ _h 5 
[0 112] 3 ^<Dffi&x>^>£«T*$!^l 

tc* + * ?v A fcflM 1/ T SHEWN S x 

>t/>tc4dc>TH?5am i * F£&&rs& 

BtA««ct*«»i^ av^we* +*^*W9 30 

[0113] BKttB^t 
IS l<Z>:r-£^-? F£Jt^T£&fg<£>#lfT<C> 

x>t?:>*B8W-4S». 191555 3 CD-?- h<D 

03<D7 r -^^^>^fr§aS2<Dtoffi^>> ? >K:M» 
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§g3 <d* + * ju^n #v^*$m bxmmrzfsmzM: 
mzttzmktv. «»3©f->^9 f*& 
9?&aiBKtti39 i ©*mj.>j>>k: «fc*tna» i © 

[ o 1 1 4 ] s e>*c i oco^ffi^^ti, zom&miz 

F4B<fc0^^o~F6K3*6tt^K Srfrffi&iSfcte^- 
„ # v A ~ } \, p £ + * il/ A > 7^ * * tcX-»W 

[0115] ^a<Djs!kS^-7 F^wr^^n 
ftWicf-*^' F^smraspg, mio^? 

#7 a ->l> FCC«-5** 1 cr>5=-^^^^ FCCSL/TBS 
-^18^ 1 ^>^fcff & 5 fci&tc#y!:x- ^ F <D 1 o^^W 
T^KFg, ^1©^-^^-^ h£gtR;*nfclo<D& 

jl-, F I D7-r-^F«c*W41»«Rc»*^» 

-t-Y a- Ffl^«E»brKWmBO»l3 tift: 1 

[0 116] *fc. WE*fTa»*1fft5BK^>*7 

[0 117] $^(c, io<o»ffi*W8h. K&ffit*. 
o-Cl^Htc»2<Df r -^^-7 KCBI/-C, eg-^tfe 

[0118] $fc, loco^^sn. CCDJi^BMSa 
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[0 119] 3 loO£ttatWRSh. Sl£S#:*J 

[0120J SWl ~?<D-fimfrtf%2ti. &tiJ&\*2 6 

tci?5a^ta«8oio^ai^T-sapg. s?a«ys^-^ 
hcDio*igjRT5Spg. B?iE*<effi, *5£&m2<D 
botc&tcBS^&momsiztitL i o*ji 

? b-c*0. K)sa^l4ai:U : m2 07 r -^^--y Mi** 

C£€r*Jffi£U &*<D^ + *;b:/o^AW:Bg^®re 
[0 122] l-?<D3F&tf^3ft. tt^»3 6(C8QK 

<W:£ (plain-text) ^a^7ApJi^>^ 

(cipher-text) 4^ AoJf6^>#:7 » 

[0 12 3] 3 6CClO0^*S7K3ti* CODtg-^Bg^ 
x^ACD^a^^ ApjfB-/ *-x<<c*5i<>xm l <z> 
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V * + * ;u^n y ^ accHXT &*s>t t*a ccBtt 

[ 0 1 2 4 ] 3 e>cc 1 oo*s^?n, cow^arB 

A©:7n a pjgg Y > £ 7 *-xfc*5i>T3r 1 <D 

r£«IEIEl9JT*&|ig*^£? a 
[0 1 2 5] 3 6CC*fc lo0)^^m$fi, CC0»^ 
8iTB-^* #7 a -)1> FttS 1 <Dt=-2zl^ v FCCBBST 

j&^Bfrseftl<D^-£.^-* hKSriO?**;!' 
^ay^Afc^SOU Sl^tWn^ASKi 

S. 

[0 12 6] S&CC?*-*^-, F«BfflT*;SSs#iS 
3189 $ ft 1 <D* + 7 p 9^ a cc L xm 1 
^flmec jr^rasiTdti^a ^ *^^n ^ a 

xm&m 2 ^ ^ )i> 7a A^ffix > it:, cc 

[0127]*^ S6«c«©*a&WflSS*i, 
3 6Ccft2<D^^^^^a^ACCKar^3>7 : '^x 
bZm^x-^it^tcM&t FT^SPS^ 

[ 0 1 2 8 ] 3 e>cc 1 oo^m?n, 

®^>^>^^S^X7^A<D®»Cr>«kax>^><D 
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^nm^>zy><oms^titc 1 ofc J; oTSfl 1 <D:r- # 

^- y bzamTzfflgzmffiu. ^mmm 1 -r 

;i/^n ^5 txtc 1 otDBL&xz^vic > 

[ 0 1 2 9 ] 3 *>K. 1 O^^S^^n, C<Z>i&£fJfa 
F©fi» :/a ^ a pItBBg^teS->x ir A tc J: ~> rff ft 

t>n. frt2^>^^^ h»^^A<D^ep<o^^:y n^r 

2* V&u-Y^zm&m&m&^T?* F*KH» 
Jl4fm«IU»K«8W. 3^3 (Dir- * F(c^£ 

tcw-oxmz <D®m* >^ >xm 3<r>^-^^^ 

[ 0 1 3 0 ] $ *>fc 1 -*D^*^<*n. C<D«^IKB 

m3<o*ir*)],tm*m&mz>m§* #y&x>i?><offr 
[0131] eLk<DWtc»ctt»aiR:Hr 

[ 0 1 3 2 ] c ftfcntt<fett«ffi£ixKqi! 

o/c&exD arc* 0 Mmffitj: *> <o~e 1 > c <t #jus& $ ti 



36 



10 



20 



imi ] *^fl!*f$Lt>JIS60^«:^t>5^ay7A 

(cj|Un7> FD*7— F^t7^-v ^ F0"Cab 
[196 1 *fByj<DW£ LC>X«&K<C*t>Ttt&'r&<Z) 

[■7] .4^w<oc4QK»a(c«»ir»r«en'r&o 

tea Ufc-k * F T » ^*5i: WW******- 7 P * 
-Ft?**. 

[H9] #^CDl7SLl46NBBa«:iilr»r«m-r«a> 
FT&*. 

[fr^colfcW] 

10 Bf-^jam^X^A 

12 +-^-i»>F»f^^>^> (KMC E) 

1 3 W-Jt-OZ? ^-X^utyV (PT I P) 

14 ^n^AnJ|g^Ji>^> (PCE) 

16 ««ffl«»x>^> (CCE) 

1 7 ^n^AaJtgeg^^D'fe^lf (PCP) 
18 &a<rf*U 

2 0 t-x f>t >*7*-x 

2 1 p p n^Apii6^>^7x^ 

22 modNJ^fflfflS (NSE) 
2 4 Pg-^^o-fetr-^RAM 
2 5 ftSM*V 

2 6 ? xJjUz-lffi'b&bizv Fn>f^^ (F 
*40 S-RISC) 
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programmable cipher processing system including some 
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die. 

SOLUTION: The programmable cipher processing 
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and a state) of a succeeding program during the 
execution of a current program. The system 10 includes 
a programmable cipher processor 1 7 for processing a 
data unit based on a channel program, a cipher control 
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host Each data unit identifies a specific channel 
program and is processed by a processing engine 
selected based on the identified channel program. 




LEGAL STATUS 

[Date of request for examination] 

[Date of sending the examiner s decision of 
rejection] 

[Kind of final disposal of application other than 
the examiner's decision of rejection or 
application converted registration] 
[Date of final disposal for application] 
[Patent number] 
[Date of registration] 



Searching PAJ 

[Number of appeal against examiner s decision 
of rejection] 

[Date of requesting appeal against examiners 
decision of rejection] 

[Date of extinction of right] 



Copyright (C); 1998,2003 Japan Patent Office 



1/2 ^— v 



* NOTICES * 

Japan Patent Office is not responsible for any 
damages caused by the use of this translation. 

1. This document has been translated by computer. So the translation may not reflect the 
original precisely. 

2. **** shows the word which can not be translated. 
3.1n the drawings, any words are not translated. 



CLAIMS 



[Ciaim(s)] 

[Claim 1] The programmable code processing system which is a processor possible code 
processing system (1 0), and is characterized by providing the code control unit (CC) for 
identifying the channel program to each data unit based on the information included in the 
programmable code processor (PCP) (17) and each data unit for processing a data unit, and 
(11) (10). 

[Claim 2] Each of said data unit contains the header field, a command field, and a payload part 
Said CC The means for reading the one header field of said data unit. The means for 
discriminating said channel program from two or more channel programs, in order to process 
said one data unit based on the channel index in said header field, The means for making it said 
channel program download in the processing engine in said PCP according to said channel 
index. The means for expecting processing with said processing engine and transmitting said 
payload part to said PCP, Provide and said command field identifies the function which should 
be performed to said one data unit with said processing engine. And the 1st memory for said 
PCP to memorize said one channel program further, The 2nd memory for memorizing said 
payload part in advance of processing of said payload part with said processing engine, The 
means for reading said command field of said one data unit, in order to opt for said function, 
And the means for loading said channel program to said processing engine for activation of said 
function. Provide and said data unit contains the header field, a command field, and a payload 
part And said PCP contains the 2nd memory for memorizing the 1 st memory and two or more 
channel programs for memorizing said payload part One of said the channel programs is a 
programmable code processing system characterized by expecting one processing of said data 
unit between processings before said data unit, and downloading in said 2nd memory of a 
processing engine. 

[Claim 3] It is a data unit processing system for processing the data unit which has a part for a 
header unit, a command part, and a related payload part The amount of said header unit 
identifies the channel program for processing said related data unit Said command part 
identifies the function which should be performed to the payload part of said related data unit 
And said system The programmable code processor for processing each of said data unit 
according to said channel program specified by each of said data unit (PCP) (17), And it is the 
code control section (CC) which makes the processing engine in said PCP download said 
channel program which reads a part for said header unit, and is identified by said related data 
unit, and (11). This CC is a data unit processing system characterized by providing what 
transmitted to the memory of said processing engine in order that said payload part may stand 
by processing by said channel program. 

[Claim 4] It is the approach (200) of processing a data unit in the processing system which has 
two or more processing engines. The phase of discriminating a certain channel program from 
two or more channel programs based on the information in the 1 st thing of said data unit, (208) 
The phase of discriminating a certain processing engine from said two or more processing 
engines in order to process said 1st data unit (208) The phase of leading said 1st data unit to 
the memory relevant to said identified processing engine, (210) The phase which loads said 
identified channel program to said identified processing engine, (216) And (220) the phase of 
processing said 1st data unit in said identified processing engine using said identified channel 
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program. Provide and the phase of identifying said channel includes the phase of identifying the 
context relevant to said channel further. This context is memorized by memory and said phase 
to process includes the phase of processing said 1st data unit by said identified channel 
program. Said identified channel program is the approach (200) of processing a data unit in the 
processing system which has two or more processing engines characterized by using said 
related context 

[Claim 5] It is the approach (200) of performing the code function in the programmable code 
processing system which has two or more processing units instantaneous. The phase of 
receiving the 1st data unit containing the 1st header field, command ID field, and payload part. 
(202) The phase which chooses one of said the processing units in order to perform one of said 
the code functions to said 1st data unit based on said 1st header field, (208) The phase of 
leading said 1st data unit to said one selected processing unit, (210) The phase where said one 
selected processing unit performs one as which said code function was chosen to said payload 
part based on the information in said command ID field (220), And the phase which forms the 
data unit by which the 1st was processed in the interface processor between achievement of 
said phase to perform. Provide and said approach includes the phase which notifies an external 
host of said data unit by which the 1st was processed having been formed. And said phase to 
draw is the approach (200) of performing the code function in the programmable code 
processing system which has two or more processing units characterized by including the 
phase of leading said 1st data unit to the memory relevant to said one selected processing unit 
instantaneous. 



[Translation done.] 
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* NOTICES * 

Japan Patent Office is not responsible for any 
damages caused by the use of this translation. 

1 This document has been translated by computer. So the translation may not reflect the 
original precisely. 

2.**** shows the word which can not be translated. 
3.1n the drawings, any words are not translated. 



DETAILED DESCRIPTION 

[Detailed Description of the Invention] 
[0001] 

[Field of the Invention] Generally this invention relates to the field of security 

cryptocommunication. 

[0002] 

[Description of the Prior Art] The inclination in a communication link commercial scene has 
specified the need for security nature (security) to the both sides of the object for commerce, 
and the market for military affairs clearly. It is important to respond to equip communication 
system with complicated communication service and capacity, and become elaborateness more, 
to preserve and to keep information safe. One of the problems accompanying a security device 
is protection of the code program from exploitation by the reverse engineering technique. 
Generally it is thought that the operation by the hardware of the code program by which the 
code program is included in hardware is safe. The problem accompanying operation of hardware 
is that that to which an adversary or an interest is opposed can determine a program by die 
inquiry (die probing) and analysis using extraordinary efforts. Other problems of the code 
system which is carried out or consists of hardware are semi-conductor processings of the 
high cost for the chip which processes a code program. A semi-conductor is manufactured 
under a security condition and it is because the code program is included in hardware logic. 
[0003] Carrying out the deer of the code program which is carried out by software or is 
constituted, it is thought that the configuration of hardware is not more typically safe and it is 
for the accessibility of software. The typical problem accompanying the configuration of 
software is that simultaneous processing of two or more programs produces loss of the engine 
performance by the task exchange (task swapping) in a security operating system as a result. 
Other problems accompanying the configuration of software are that the arithmetic and logic 
unit of a typical microprocessor and a digital signal processor does not have juxtaposition, the 
numeric value, and logic process resources of a high speed desirable for high-speed cipher 
processing. 
[0004] 

[Problem(s) to be Solved by the Invention] the time of the problem accompanying the code 
processing system of both hardware and software being exchanged between subsystems — the 
defenselessness of a key variable data — or it is attacked and is easy (vulnerability). This is the 
risk of the general security nature for today's code system. 

[0005] Therefore, that it is the need is the code processing system and approach which have 
been improved. It is the code processing system and approach of being processed in a 
commercial chip fabrication factory, excluding a code program (crypto programs), and reducing 
the cost of semi-conductor processing that it is furthermore the need. Moreover, the code 
system for the code program manipulation of high performance is also required. Furthermore, 
the code system which can perform two or more programs is also required for coincidence. It is 
a code processing system quick (keyand algorithm agile) to a key and an algorithm, and an 
approach that it is furthermore the need. It is quick, the code processing system which can 
change the context (context) and program (for example, algorithm) over each data unit 
processed by insurance, and an approach that it is furthermore the need. Furthermore, when 
exchanged between different subsystems, code SHISUMUTE which protects a key variable data 
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is required. That it is furthermore the need is a code system by which a code program is 

protected from reverse engineering. 

[0006] 

[Means for Solving the Problem] This invention is divided and offers a programmable code 
processing system and a programmable approach. This invention offers the code processing 
system suitable for processing the code program of high performance again. This invention 
provides coincidence with the system and approach of processing two or more code programs 
again. This invention offers the code processing system and approach of changing the context 
and program (for example, algorithm) over each data unit processed again to a high speed and 
insurance. This invention offers the code processing system and approach of protecting a key 
variable data, when further exchanged between different subsystems. This invention offers the 
system and approach of having been suitable for processing the code program in the 
architecture of a failsafe again. This invention offers the programmable code processing system 
which reduces the semi-conductor processing cost relevant to a still more typical code 
processing system. With a desirable operation gestalt, the security nature of a key variable data 
is protected, when exchanged between subsystems. Moreover, in a desirable operation gestalt, 
a code program can be updated in the device arranged in the site. Moreover, with a desirable 
operation gestalt, a code program is protected from reverse engineering 
[0007] 

[Embodiment of the Invention] This invention is especially pointed out to the attached claim. 
However, a more perfect understanding of this invention can be acquired by referring to the 
following detailed explanation and claims with an attached drawing. In a drawing, the same 
reference figure has mentioned the same item over a drawing. 

[0008] Drawing 1 shows the hardware block diagram of the programmable code processing 
system (crypto processing system) concerning the desirable operation gestalt of this invention. 
The code processing system 10 has the two main processing elements, the key management 
code engine (Key management crypto engine:KMCE) 12. and the programmable code processor 
(programmable cryptographic processorPCP) 17 with a desirable operation gestalt. PCP17 
possesses two processing engines, the programmable code engine (programmable cryptographic 
enginerPCE) 14. and the code engine (configurable cryptographic engine:CCE) 16 that can be 
constituted. Said processing engine performs a channel program. In a system 10. this CC11 
performs program management for a processing engine again including the code controller 
(cryptographic controllers) 1 1. A system 10 contains the plain text or the plaintext interface 
processor (plane text interface processorPTIP) 13, and the cipher interface processor (cipher 
text interface processorCTIP) 15 which offer signaling for an external interface and a system 
10 again. Said interface processor offers the high performance security flexible buffer between 
an external host and the internal-processing system of a system 10 again. A system 10 
contains the common use or the shared memory 18 which acts as a resiliency **** buffer 
between KMCE12 and PCP17 again. A system 10 includes the programmable interface 21 
combined with FILL and the CIK port 34 again. The trial of a system 10 can be performed using 
the trial interface 20 including an emulation on chip and the JTAG port 35. 
[0009] KMCE12 is combined with CC11 by the internal bus 23. including an internal memory 25 
Other internal buses 23 combine PTIP13, CTIP15, PCP17, and a shared memory 18 with CC11 
L0010] With a desirable operation gestalt, KMCE12 contains the reduced instruction-set 
computer (FS-RISC) 26 of a failsafe again. KMCE12 contains the 2nd desirable process 
resources like MODDO or the modulo N solution extractor (mod N solution extractor NSE) 22 
FS-RISC26 consists of a 32 (dual) bit RISC core of a duplex preferably, and this performs the 
security (embeded) operating system (secure operating systemrSOS) incorporated or 
embedded. This security operating system offers segmentation (segmentation) and task 
management, in order that a task may enable it to perform from the program memory of the 
exterior of a system 10. Or such a task does not perform security processing, it can contain 
the task and subroutine which do not deal with delicate data (sensitive data). The task and 
subroutine which perform security processing or deal with delicate data are performed from the 
internal program memory (ROM) preferably contained in memory 25. 

[001 1] With the desirable operation gestalt of this invention, by SOS of said FS-RISC, the 
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function performed from Interior ROM is divided and includes master control of a system 10 t 
the self-test of a system 10 and an alarm monitor, a program load, and real-time multHevel 
security task management. A program load loads the both sides of security and a non- 
preserving program to an internal memory 25, or includes loading to an algorithm or PCP1 7 of a 
program. 

[0012] FS-RISC26 can operate the application software from the internal program memory 
(RAM) of memory 25 again. The typical application software which operates by FS-RISC26 from 
the internal program RAM includes a function like the fill port processing for CIK and low 
processing of delicate data, or port restoration processing (fill-port processing). This example 
includes loading of a key. The example of other application software which operates includes 
generating, other key managements, and the control function of a session key for example, by 
the public key program. Application software can include loading (loading), verification 
(verifying), modification (changing), a system management like auditing (auditing), and a key 
function manager again. 

[0013] FS-RISC26 can operate the application software from external program memory again. 
Such external program memory can be set to RAM of an external host system. Such application 
software that operates from external program RAM includes a function like the software 
irrelevant to processing of interface protocol processing (for example, DS-101 and NSA 87-27), 
key management operation, command processing, non-preserving program software, and 
delicate data directly preferably. 

[0014] PCP17 is a high performance programmable superscalar (superscaler) cipher-processing 
element which divides, and performs the function about a data unit, and processes a data unit, a 
data unit — desirable — an external host — an interface processor 13 — or it is loaded to an 
interface processor 15. CC1 1 starts processing of a data unit by acting as Ince Tan Scheidt 
(loading) of the context (context) demanded, a program code, a condition (state), and the 
variable according to the read of the header information of a data unit If a data unit is once 
loaded to PCP17 and processing is performed, a result will be written in an output interface 
processor, the processed data unit — or in order to process further, it can provide for other 
destinations like KMCE12. 

[0015] CC11 divides and manages synthetic data migration between the activation resources of 
interface processors 13 and 15 and the code engines 14 and 16, NSE22, and FS-RISC26. CC11 
is insurance by the data which should move roughly, the task which should be installed in 
PCP17, and determining when program execution is started — it operates as a ****** real- 
time operating system again. CC1 1 attains this by investigating the contents of each data unit 
This is later explained to a detail. This data drive architecture provides a system 10 with the 
throughput of high performance. Furthermore, CC1 1 performs a background dead work or a 
background staging (background staging). A following task and a following data unit are set up or 
prepared between activation of a current task (staged). Said background activity makes the high 
throughput for a system 1 0 possible. For example, the program load for a transfer of the data 
unit to PCP17, the clean-up of memory, and the following data unit is performed between 
processings of a front data unit 

[0016] With the desirable operation gestalt of this invention, PGP17 divides and possesses two 
high-speed processing engines which perform other data processing typically performed in a 
function like channel encryption and decryption, a security communication link, and signaling, 
and PGE14 and CCE16. With a desirable operation gestalt, PCE14 programs a code book format 
(codebook style), and, on the other hand, CGE16 performs the program (combiner style) of a 
combiner format PCE14 and CCE16 operate independently, and are combined, and offer a 
bigger throughput than 1200MIPs to 32-bit data. PCE14 and CCE16 are constituted from the 32 
bit RISC processor of high performance which operates by about 100MHz with 4 stage pipeline 
configuration by the desirable operation gestalt of this invention. These RISC processors can 
be divided and can be used also for data processing like other protocols specified by signal 
processing, error detection, correction, and the channel program in a band (inch-band), and 
format processing. 

[0017] PCP17 contains the code processor RAM 9 (CP-RAM) for memorizing a channel 
program and/or a data unit again. CC1 1 downloads a channel program from CP-RAM9 to the 
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memory of a processing engine, before processing a data unit CC1 1 downloads the context of a 
channel program from CP-RAM9 to the memory of a processing engine, before processing a 
data unit again. 

[0018] KMCE12 divides and attains the master control function for a system 10. With a 
desirable operation gestalt KMCE1 2 contains the security operating system (SOS) built into 
ROM in KMCE12. With a desirable operation gestalt. FS-RISC26 is a 32 bit RISC processor of 
high performance. In addition to FS-RISC26, KMCE12 contains the math coprocessor or mass 
co-processor (math coprocessor) which was preferably suitable for processing of a public key 
program. With this operation gestalt, KMCE12 has the throughput of about 150 MIPs. in order to 
enable activation of the application (embeded) with which the multiple channel and the single 
channel were embedded. 

[0019] With other operation gestalten. a system 10 can act as a cipher-processing element 
embedded for various applications. For example, a system 10 enables it to carry out data flow 
through architecture (data flow through architectures) or co-processor architecture 
(coprocessor architecture). In data flow through architecture, it can pass through data cipher 
interface port 37 from the plaintext interface port 33, or they can flow to the reverse. It helps 
for the internal security mechanism incorporated or embedded in the system 10 to isolate or 
separate delicate (sensitive) plaintext data and a logically different data type like a variable from 
the cipher data protected. With the configuration of co-processor architecture, in order that a 
host system may isolate said type or the data of a format, for example, the certainty (design 
assurance) of a big design is offered suitably. 

[0020] With the desirable operation gestalt of a system 10, PTIP13 and CTIP15 are equipped 
with a FIFO control structure, and include 8 bits, 16 bits, and 32 bit-parallel data interface in 
ports 33 and 37. Interface processors 13 and 15 also include serial asynchronous ones and a 
serial synchronous interface preferably. PTIP13 and CTIP15 include an internal processor, an 
internal physical memory, and external memory escape capacity. The memory of an interface 
processor is managed by those internal processors. With a desirable operation gestalt, full- 
duplex (full duplex) actuation is possible for an interface processor, and in order to process a 
plaintext and cipher data, it offers the isolation of a perfect physical data interface. 
[0021] The interface port 31 is connected with KMCE12, and includes the port for a memory 
interface, a configuration signal (configuration signals), a system clock, and interruption 
preferably. A memory interface port is constituted from the control interface for accessing a 33 
bits data bus, a 24-bit address bus and an internal memory, or an I/O device by the desirable 
operation gestalt With the desirable operation gestalt of a system 10, KMCE12 receives a 
command and data through PTIP13 or CTIP15. As for other operation gestalten, control and 
data can come from the interface port 31. 

[0022] A system 10 contains the context memory bus 38 (CNTX) connected to the context 
port (context port) 36 again. The context memory bus 38 is constituted from the 33-bit data 
bus used in order to combine with external context memory, and an address control bus by the 
desirable operation gestalt CC1 1 manages exchange or the swapping of the context from the 
task in PCP17 to the active inactive task in external context memory. A bus 38 enables context 
change of the high speed for the application which requires many instantaneous tasks rather 
than what may exist in an internal memory. A port 32 offers the interface to CC11 for a control 
signal and the alarm signal according to individual. 

[0023] The context (Context) currently used here can include the functional information 
relevant to a condition (state) or variable information (variable information), a key, and a 
channel, including the information relevant to a specific channel program. 
[0024] With a desirable operation gestalt the code processing system of this invention is 
preferably carried out on a single silicon die in veryHarge-scale-integrated-circuit (ULSI) 
equipment With a desirable operation gestalt some processing subsystems are accumulated 
into said ULSI, and the throughput of about 1350 suitable MIPs can be acquired for the class of 
a wide range code program. 

[0025] Drawing 2 shows processing of the data unit concerning the desirable operation gestalt 
of this invention. The architecture of the code processing system of this invention enables 
processing of the packet-ized communication link thread (threads) of the multiple channel 
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equipped with the very high throughput The asynchronous operation between an internal 
subsystem and an external host is managed by the finite-state machine (finite state machine) in 
CC11. 

[0026] Reference of drawing 2 transmits the data unit 41 to one of the interface processors 13 
or 15 ( drawing 1 ) from an external host, as shown by a time amount line or the time line (time- 
line) 40. An interface processor is notified by sending that it is ready to CC1 1 for processing of 
the new data unit 41 to time amount 51. and sending the header of this data unit to CC11. 
Based on the information on the header of the data unit 41, it is ordered for CC11 to move a 
data unit to a suitable processing subsystem like KMCE12, PCE14. or CCE16 at an interface 
processor. Preferably, all for example, other than a header are transmitted to a processing 
engine for a part of data unit 

[0027] When it is prepared so that a data unit may be processed by one of the engines in 
PCP17, CC11 plans processing and begins. By mediation. CC11 makes a data unit transfer max 
in order to make simultaneous processing in a system 10 max preferably. In the time line 42, the 
data unit 41 is transmitted to memory like CP-RAM 9 ( drawing 1 ). and it stands by in order to 
be processed by the suitable processing engine (for example. PCE14 or CCE16) there. This 
background activity of the following data unit which should be processed makes the incubation 
(latency) covering a system 10 min. Furthermore, it helps to guarantee that the resource of 
PCE14 or CCE16 is processing the data unit and the background activity of a program is not 
moving data or a program. Therefore, the data throughput of a system increases sharply. 
[0028] The time line 44 shows the period which has transmitted a part for the data division 
which the processing engine was processing the data unit 45, and was processed to the output 
interface processor. A time frame 52 is one clock cycle typically, and is context switching time 
to which a key and a program are changed between them. What the interface processor was 
ready to process a new data unit to CG1 1 in time amount 51 is notified. The data unit 
processed between time line 44 is transmitted to an output interface processor from a 
processing unit Processing of a data unit is completed by time amount 54. The data unit has 
completed processing to an external host and an output interface processor notifies an 
available thing to this time amount The data unit 47 is a processed data unit and is transmitted 
to an external host between time line 46. The incubation 59 of the packet relevant to 
processing this data unit is shown as time amount to the time amount which is ready to 
transmit the data unit processed from reception of the packet in an input interface processor 
to an external host 

[0029] After the whole packet is received by the processing unit (PCP17). a data unit is 
processed by the processing engine (for example. PCE14 or CCE16) so that it may see from 
the processing diagram of drawing 2 . Furthermore, a data unit cannot be used in order to 
transmit to an external host until the whole data unit is processed. It is transmitted with the 
continuous (continual) base as a data unit consists of two or more desirable D WORD (Dwords) 
(32-bit WORD), and the each is processed separately and then processing is performed from a 
processing unit to an output interface processor. With a desirable operation gestalt after the 
whole data unit completes processing and an external host becomes available in an output 
interface processor, he is notified. Processing of a perfect data unit makes the work which 
avoids the deadlock or deadlock which may be produced by the action or action from an 
external host 

[0030] An output interface processor is an interface processor relevant to the interface port of 
the opposite side where a data unit is generated or sent from there typically. For example, after 
it is processed, the data which generate in a plain text or the plaintext interface port 33 are 
sent to CTIP1 5, and are made available in the cipher interface port 37. 

[0031] With a desirable operation gestalt a data unit is loaded to interface processors 13 or 15 
in asynchronous by the host system, and is managed by the interface processor. The data unit 
planned or planned for activation by PCE14 or CCE16 is sent to the memory relevant to a 
processing unit (for example. CP-RAM9), and is memorized When a processing engine is FS- 
RISC26. the data unit which was ready for processing is memorized by memory 25. Interface 
processors 13 and 15 perform a function like a decomposition [ of a data unit ] (dataunit 
parsing), priority attachment (prioritizing), and juxtaposition-serial and serial-parallel conversion 
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packet integration, inspection or check word (checkword) generating, and a memory 
management function. 

[0032] With the desirable operation gestaft of this invention, the data unit processed by the 
system 10 is formatted specially because of processing by the system 10. In this operation 
gestalt, interface processors 13 and 15 process data in the APDU format explained below. 
However, the stream data (stream data) which are not in an APDU format are also received in 
juxtaposition or the serial port of an interface processor, and it can change into an APDU 
format for processing. 

[0033] Drawing 3 shows a format of the data unit suitable for using it with the desirable 
operation gestalt of this invention. The data unit in an APDU format is shown in drawing 3 . The 
data unit of an APDU format consists of a series of D WORD. Each D WORD has the offset 
shown in a column 60. The first D WORD is D WORD 66 of a channel header, and this is 32-bit 
D WORD preferably. There is command D WORD 67 following D WORD 66 of a channel header, 
and this has D WORD offset of 1. There is a parameter data field 68 which has D WORD offset 
between 2 and 4094 following command D WORD 67. The parameter data field 68 of APDU 
contains the payload (application payload) of application. It is because the data of the field 68 
can have a different format to each channel and an application program can carry out context 
exchange (context swap) of it to each data unit For example, probably, some channels need the 
strong (robust) protocol in order to guarantee the lock step processing to a communication link 
thread (communication thread), while two or more programs are performing in a system 10 to 
two or more channels. 

[0034] The last D WORD is a checksum or checksum (check sum) D WORD 69, and this is a 
32-bit frame check sequence (frame check sequence:FCS) preferably calculated over the whole 
APDU. A checksum or (Checksum OS) D WORD 69 is the option-field which can enable or 
carry out a disable to a specific application. It judges whether between start-up procedures, 
KMCE12 constituted CC1 1 and the checksum was attached to each APDU. 
[0035] One suitable FCS program is the 32-bit version of an ISO3309-1964E specification. This 
specification specifies the high-level data link control procedure and the frame structure for 
information processing system and data communication. 

[0036] Drawing 4 shows a format of the channel header suitable for using it in the desirable 
operation gestalt of this invention. A format of this channel header specifies the size or the 
magnitude and location, or location of the field in D WORD 66 of a channel header. Channel 
header D WORD 66 contains the MLS tag field 75 of the PDU die-length field 73 of 72 or 12 
bits of channel index fields of 71 or 19 bits of APDU type fields of a triplet the spare bit 74, 
and a triplet, the priority bit 76, and a parity bit 77. Option-like [ the MLS tag field 75 and the 
priority bit 76 ]. The APDU type field 71 specifies the value over an APDU type and its 
corresponding meaning, or significance (significance). Preferably, the APDU type field 71 
specifies the source of APDU from PTIP13, CTIP15, or other internal sources of a system 10. 
The APDU type field 71 also shows the output processor which should receive a data unit 
preferably. 

[0037] It specifies whether the APDU type fields 71 are whether APDU is Demand APDU again 
and Response APDU. To Response APDU, the channel index field 72 already contains the 
demand program number (request program numberRPN) of the triplet instead given in the 
command D WORD of Demand APDU excluding a channel index. Using the APDU type field 71, 
CC1 1 is divided and opts for use (use) of the channel index field 72. 

[0038] a ****** [ that the channel index field 72 is calling the channel usual in a data unit ] — 
or it specifies whether the data unit is calling the internal resource. For example, if the bit of 
the beginning of a channel index is "\" % 10 bits of the last will identify the channel program used 
in the channel table explained later. A channel table specifies the property of a channel, tn case 
a context and a program are moved to the active channel memory of an EU and CC11 is taken 
out from active channel memory, it manages a channel table. When a channel is generated, an 
entry is added to this channel table, the time of the entry of a channel table being removed — 
the channel — being inactive (inactive) — it becomes. The table of an inactive channel is 
moved to the storage location which a condition (state) and a variable data, and/or a program 
cannot access by the condition machine of C11. The application program which operates on 
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FS-RISC26 can carry out rediscount reliance of the channel program from this table, and can 
remove data from POP 17. The memory used in order to memorize inactive channel data can be 
prepared in KMCE1 2 or external context memory. 

[0039] About the channel index field 72. if the bit of the beginning of a channel index is zero, as 
for a data unit, the internal resource may be demanded for processing. 10 bits next to this 
channel index show which internal resource is demanded. An internal resource contains Randa 
Myser (randomizer) in PTIP13. CTIP15. CC11, and PI21. and FS-RISC26. 
[0040] The PDU die-length field 73 shows the number of D WORD containing the option CS 
tooth-space D WORD which follows command D WORD 67 preferably. The die-length field 73 
specifies the size or magnitude of an application data. With the operation gestalt shown in 
drawing 3 , the size of the greatest application-data unit is 4094D WORD, and this is 131 008 
bits. 

[0041] The MLS tag field 75 specifies the levels of security of APDU. The value in the MLS tag 
field 75 is compared with the value of the MLS tag of the key relevant to a channel by the 
desirable operation gestalt When two tags do not have consistency, a data unit is eliminated 
and an error situation is set With the desirable operation gestalt of this invention, the MLS tag 
of a key is loaded with this key. or is specified at the time of key creation. The MLS tag of this 
key is based on the levels of security used in order to create this key preferably. 
[0042] The priority bit 76 specifies the priority level for APDU. This priority bit is preferably 
used by interface processors 13 or 15. and chooses the sequence of processing of a data unit 
There is a priority of two level with the shown operation gestalt For example, zero specify non- 
real-time (non-real-time) processing, and on the other hand, since real-time processing is 
specified, 1 is used. 

[0043] A parity bit 77 is preferably added to each header D WORD. CC1 1 is inspected when this 
header is processed in the parity of this header WORD. 

[0044] Drawing 5 shows a format of the command D WORD suitable for using it in the desirable 
operation gestalt of this invention. Command D WORD 67 is 2nd D WORD in each APDU 
preferably. Command D WORD 67 contains the response field 82 of 81 or 7 bits of 10 bits of 
command ID fields, the APDU die-length field 84 of 83 or 5 bits of demand program-number 
(RPN) fields of a triplet the spare bit 85. and a parity bit 86. With a desirable operation gestalt 
command ID field 81 specifies the function which should be performed to a data unit A function 
is preferably specified to each channel program. There is [ as opposed to / at a desirable 
operation gestalt / a system 10 ] no original function. A function can contain encryption, 
decryption, a sign, the Shinsei certification, and others. For example, a function like encryption 
specifies what a part for the data division of APDU (for example, parameter data field 68) 
should be enciphered for to application software. This encryption is performed using the key 
specified to the channel chosen by a channel program and the channel index field. 
L0045] A response field 82 returns the processing status with the processed data unit This 
response is generated by the processing unit of a system 10. For example. PCE14 can provide a 
response field 82 with the "completion of processing (processing complete)" response in the 
end of transmission of the data unit to an output interface processor. Similarly. CC11 can send 
a default response value to a transmitting processor, when a transfer of a data unit goes 
wrong. It shall depend for a response field 82 on specific application or a specific channel 
program. 

?Dm?7 he RPN fid ? 83 iS USed in ° rder to identify which P^am Published the demand in 
APDU (request type) of a demand format Since it maps in one of the processings which is 
operating by one of for example, the encryption engines now. CC1 1 can use RPN. The RPN field 
83 returns the value in the response APDU channel index by which CC11 enables it to lead 
APDU to a nght processor. With a desirable operation gestalt when APDU generates from an 
external host the RPN field is not used and is set to zero. By identifying a program, the RPN 
field 83 requires and delivers a command, a parameter, and data between different channel 
programs which are operating in the EU of a system 10. Since a processing unit can run a 
program to coincidence, a processing unit uses a data unit with communication link structure 

2*?^ J herefore ' a P r °eram can transmit information among these very thing by use of the RPN 
field 83 using CC1 1. 
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[0047] The APDU die-length field 84 specifies the size of APDU. A parity bit 86 is added to the 
header of command D WORD 67. CC11 can inspect the parity about this header WORD when it 
processes command D WORD 67 ( drawing 3 ). 

[0048] Drawing 6 shows the channel convention or channel definition table suitable for using it 
in the desirable operation gestalt of this invention. The channel index field 72 ( drawing 4 ) of 
header D WORD 66 ( drawing 4 ) determines the line (row) of the channel table 90 which is read 
by CC1 1 ( drawing 1 ) and applied to APDU. A channel table 90 specifies the contents and 
those die length of the channel table field. With a desirable operation gestalt, in order to 
characterize each channel, let a channel table 90 be a 1024 word die-length x32 bit table. CC11 
uses the field of a channel table 90, when setting up a channel program in the processing 
engines 14 and 16. A channel table 90 contains the die-length field 97 of 96 or 4 bits of 
adjustable address fields of 95 or 17 bits of program ID fields of the assigned 2-bit activity field 
(allocated activity field) 92, the demand service bit 93, and 94 or 4 bits of save back bits (save 
back bit), and the MLS key tag field 98 of a triplet 

[0049] The information on a channel table 90 is used in order to lead APDU to suitable process 
resources, and it includes other information for install of the specific communication link thread 
to the channel, or re-install. Generally, a channel table contains the pointer to the location by 
which a program and a context are arranged for a channel definition or a convention. The 
channel index field 72 can also be directed to the channel which is not assigned to POP 17 
(point). In this case, CC11 can lead a data unit to KMCE12 to which processing is performed 
Generally, processing is performed by KMCE12 with the exception base (exception basis). 
[0050] The channel index field 72 is assigned by the software of the application program 
performed on FS-RISC26, and is produced at the time of creation/convention of a channel. It is 
fixed depending on specific application, or let allocation of a channel index be a dynamic thing 
For example, an external host enables it to build APDU appropriately by it including exchange of 
the value [ channel assignment / dynamic ] at the time of channel creation. When a new 
channel is created or pulled down (torn down), KMCE12 creates a new entry in a channel table 
90. or deletes an entry. The channel table 90 in a desirable operation gestalt is stored in the 
memory 19 of CC11. 

[0051] Each channel has the related channel condition (channel state) stored immanent in 
CC11. the current program state to which the channel condition is operating, the condition of a 
degree or the last, a standby condition, and an install condition — and inactive or an inactive 
condition is included. A channel is in operating state (running state), when a current program 
state and a current context are performing on PCE14 or CCE16. PCE14 and CCE16 have at 
least four memory of a lot, and these enable it to load the following channel with a desirable 
operation gestalt, while it is chosen in a ping-pong (ping-pong) format and the current channel 
is carrying out current activation. Since this memory swapping occurs, said memory convention 
or definition changes from it being active (active) to a shadow (shadpw). 

[0052] The channel condition of a degree or the last shows that a channel program exists in the 
shadow memory relevant to PCE14 or CCE16 which were described above. It specifies that a 
standby channel condition is ready so that an application program may exist in CP-RAM 9 and it 
may be installed in a shadow memory. An install channel condition is in the channel condition 
between standby and the thing of a degree or the last, when swapped with the thing of others 
L context / relevant to the channel program to one channel ]. An inactive channel condition is 
in the condition which has said context and/or program out of control of POP 17. for example a 
program — KMCE12 — or it can exist in external context memory. 

Ion?? ° n u e 3 Channel is es *ablished in POP 17, an external host's application can process 
APDU without the med.ation from the application program currently performed in FS-RISC26 in 
PCP17 with the base for every channel. Therefore, the greatest throughput between functions 
like encryption or decryption is attained by the autonomous (per channel) processing for every 
channel in POP 17. Therefore, typical application delivers APDU without mediation of KMCE12 
through POP 17. 

[0054] The channel activity field 92 identifies an effective channel, and includes channel status 

S,o™e tl r° n " Unit Wh ' ch identifies an invalid channel program can be written in FS- 

RISC26 for processing The channel activity field 92 shows the processing activities of the 
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channel, when effective. When the data unit is processed, the channel activity field 92 is 
updated It follows and determines which channel for the channel activity field 92 to be used by 
KMCE12 again, and not to be used more rarely and whether to be removable with the minimum 
effect on a system 10. With a desirable operation gestalt the channel activity field 92 is 
updated through a number "01". "10". and "11" one by one. The current or present value is 
memorized with the channel currently used in order to process specific APDU. The value of the 
channel activity field 92 expresses the condition of having been used for the last of a channel. 
[0055] It is shown that the demand service bit field 93 needs to read a new value to the 
comprehensive variable (global variables) by which the application program currently performed 
on PCE14 or CCE16 was updated with the application program currently performed on FS- 
RISC26. Therefore, when the demand service bit or the service request bit is set, FS-RISC26 
offers additional information, before a program begins. The save back bit 94 shows how to use 
it. since CC1 1 saves a context for example, a context — CP-RAM 9 — or it is savable to 
external memory. After a context changes some of contexts or all in which the channel program 
generally introduced or installed in one of the processing engines is existing, it is returned By 
using the save back bit 94. many APDU(s) can operate on the same channel and can produce 
change in the context When a channel is removed from one of the processing engines, the save 
back of the context is carried out to the interior or external memory. Therefore, unnecessary 
save is avoided. 

[0056] Program ID field 95 contains the ID code for an algorithm or a program. Preferably, 
program ID field 95 directs the line (row) in the program address table which exists in the 
memory 19 of CC1 1. A program address table divides and specifies the field used in order to 
pursue the program from which CC11 differs. A variable or the adjustable address field 96 
specifies the starting address of the memory location in PCP17 in which adjustable or the 
variable data to a channel is located. By using adjustable or the variable address field 96 it is 
determined whether CC1 1 is in whether this variable is in current active memory or it is in a 
shadow memory, a variable, or condition memory. Furthermore, the variable address field 96 has 
a variable data in CP-RAM9 to CC11, and shows the thing of PCE14 of CCE16 which should be 
moved to active or a shadow memory to the number condition of browning, a ****** [ that the 
shadow and the memory address to active memory were fixed preferably, therefore activation / 

1 ' ° f APDU is re ady ] — or it enables it to determine SUTAGU [ APDU / in a shadow 
memory ] While SUTAGU [ APDU / the shadow memory ]. a channel parameter to the channel 
like a program variable and a condition is loaded to a processing engine. 
[0057] The condition die-length field 97 specifies the die length of the state-variable data 
described in the top. With a desirable operation gestalt the condition die-length field 97 is 
changed between zero and D WORD of 32. The MLS key tag field 98 enumerates the levels of 
secunty of a channel key (lists). The value of the key tag field 98 is compared with the tag 
received in the MLS tag field 75 of header D WORD 66 of APDU. There should be the levels of 
secunty of the channel key enumerated by the key tag field 98 more highly than the data 
secunty level identified in the MLS tag field 76 of header D WORD 66 to the data unit which 
should be processed. 

[0058] | Drawing 7 shows the example of the program address table suitable for using it in the 
desirable operation gestalt of this invention. The program address table 700 includes the 
program type field 702, the program location field 703, the red / black (red/black) field 704 the 
program address field 705, the program die-length field 706, the blank D WORD field 707 and 
the vanable d.e-length field 708. Program ID field 95 ( drawing 6 ) from a channel table 90 
directs the line (row) of the channel-address table 700. Therefore, each channel is connected 
with the line in the program address table 700. 

[0059] The program type field 702 is the 2-bit field which identifies [ of a channel program ] 
nTS^i for example ' is large? ' or whether it is small. The program type field 702 identifies the 
fcU. PCE14 or CCE16, with which a program operates again. [ for example, ] The program 
location field 703 identifies the location of the channel program to the channel. CC11 opts for 
the location of a program, when required, in order that it may process APDU using the program 
S^' d 7 ° 3 " ThC program ,oca t«°n field 703 shows when a program should be loaded by 
FS RISC26 again. The program location field can show that only one copy of the program exists 
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T^T'ino eX '^ S 3 P rocess5n e • n S n « ,ike PCE1 4 or CCE16 eternally, the program location 
field 703 — or what a channel program is in CP-RAM 9, and should be copied when required for 
a suitable processing engine is shown. It is shown that the program location field 703 has a 
program in external memory again, and is copied to a system 10 if needed. When a program is in 
external memory, this program may need to be decoded by KMCE12 before install in one of the 
processing engines. 

[0060] Red / black field 704 is the 2-bit fields which identify the levels of security of a program 
preferably. Red / black field 704 is divided and it is shown whether this program is a security 
program or it is not a security program. After it is darkness, or it is enciphered before being 
moved to black (black) external memory, and a security program moves this program from 
external memory, it should be decoded. Before a non-preserving program moves to external 
memory or moves from external memory, it does not need to be enciphered. With the desirable 
operation gestalt of this invention, red / black field 702 is not used, when external memory is 
r!£ U A 3 program store or * cannot use because of a program store 

L0061] The program address field 705 contains the address pointer which identifies the memory 

pSeiTppfiI ; r£ ° r ° Ver the ChanneL 17,15 memorv ,ocation ca " be i" 

HUE 14, CCE16, CP-RAM 9, or external memory. CC11 determines the location of a channel 

program us.ng the program address field 705. and moves it into the shadow memory of a 
processing engme. When a specific program is eternally loaded to a processing engine, said 
program address can include the value which exists in order to show that a program does not 
need to move. 

[0062] The program die-length field 706 identifies the size of the microcode of the channel 

blaTo WnSn >Z w^tT°^ b ' ank ° W ° RD fi6,d 707 Sh ° WS *» number of »«> or 
blank D WORD which CC1 1 writes in a memory location, after CC11 installs a program in the 

memory. Said zero or blank D WORD is written in the program installed before to the program 

vl+ ?*u° e 3 cont,nuation Processing engine, in order to guarantee that the exaggerated 
light of the program tooth space is carried out 

[0063] The variable die-length field 708 contains the die length of the variable used in this 
specific program. The die length of a variable can be made the same to all the channels that 
use the same program. The die length of a program variable is between zero and 32D WORD 
preferably. CC11 uses said variable die length, when installing the context of a channel in a 
processing engine. 

[0064] P^jngJJ is the flow chart of the setup suitable for using it in the desirable operation 
gestalt of thus invention, and a configuration (configuration) procedure. Since it divides, and it 
specifies and a definition or a related channel program is loaded for a channel to PCP17 by the 
system 10. a procedure 100 is performed. The programmable code processing system of this 
invention can have some programs which operate to coincidence by the superscalar 
(superscaler) programmable architecture. These programs are installed from the master 

TnVV^nlfo 0er T WhiCh ODerates on securit V operating system of FS-RISC26. In a task 
10Z. KMCE12 performs reset and self-test processing in order to guarantee that the 

^r a °rTi mP . 0n v tS) subsvstem of a svstem 10 are operating appropriately. In a task 
104 a master application program is loaded to KMCE12 from the external host 103 With 

KM°rpT9 OPe 7 t,0 . n g ! S i a,t invention - an application program exists in the memory 25 of 

KMCE12, and .s loaded to FS-RISC26 from memory 25 

[0065] In a task 106. the application program loaded in the task 104 is performed, and it 
KESTI 8 ° n secur,t y operating system of FS-RISC26 preferably 

C re!Sd",nH ta H Sk fi ^ i^°:? ered 3n a PP ,ication P^am so that two or more channels may be 
infect 1 u ° C , U US ' ngthe Channd definition formation 107. Channel definition 
information or the channel convention information (Channel definition information) 107 is 
memorized ,n a system 10. or can be offered by the external host Between this step, a channel 
table as shown ,n a channel table 90 ( drawing 6 ) is created. Furthermore, a program address 
melr "k '"T"" addr6SS 700 ° f drawin * 7 is a!so created These tables are 

«s^t of th V 3 ? ^ SharCd mem0ry 18 ( drawin * 1 > w ith the desirable operation 

T' B ! tWCen thC teSkS 108 ° f a Set "P and configuration procedure 100 a 
channel program ,s not preferably installed in the processing engines 14 or 16 A channel 
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program is installed for a specific data unit, when a data unit is processed. For example the 
channel .ndex of APDU runs to CC11 (run), and a channel program sets it to it. CC11 installs 
rnn«?i r0 -^ am ' 3nd **** pr °e ram execution is started in a suitable processing engine 
L0067J The channel definition information 107 includes the information which defines or 
T C ^L iP*?* pr °e ram of a context, or relation with a program segment The single 
thread (thread) of an activation code (execution code) is the example of a channel. In the multi- 
processing system for which a context is exchanged, it operates by time sharing for murti- 
channe actuation of many instantaneous channels. Therefore, the separate context to each 
channel is maintained preferably. 

[0068] After a channel is defined and a channel program is identified in a task 110 an 
application program downloads a specific channel program in memory like CP-RAM 9 of PCP17 
In relation to each channel, there is a channel program preferably 

if ?n5 w *' ^ a Code L1 ke . v Encryption k eys) is loaded to a system 10. Preferably, this key 
£ loaded to the programmable interface 21 through the fill port (fill port) 34. A key contains a 
DES code key and the keys of other formats which could set on the technique of public a 
private key. and cryptography, and were known including the key used for encryption ' 
decryption a digital signature, and the Shinsei certification. With a desirable operation gestalt 

ca S T°Jth 3 , aC , P P ° Wer SUPP,V ,ikC 3 dc - batterv order to prevent loss of a key in the 
case of the power failure to a system 10. A task 1 12 can include the key generating task 1 1 1 

FstlST** M key " FS " RISC26 in OP**"- * «" include that key generating performed by 
F5 RISC26.S public or using private key generating software. A channel or a session key can 
Rw£ f * bv ma ny approaches technically learned including what is depended on FS- 

hwT fET? u^! MySCr (randomizer >- A ^y is memorized with a desirable operation 
gestalt by the table to which it relates to a channel and a channel is related with a suitable key 
or a key pair. With a desirable operation gestalt. a key is connected with each channel between 

wr^1"pec n ifi 0 c IS ^ ^ ^ 1 ° Perati ° n geSta,t leVdS ° f S6CUrity ° f 3 Channel ^ ' * 
[0070] If the task 1 12 includes the key generating task 1 1 1, a key shall be used for a key 

TJZ "1 u eSCr ° wX A taSk 112 Can indude the task which P rovides a key escrow with a key 
3£l£ 7 ' S 7 em °" Zed «" a tesk 1 14 b V me mory like [ in order to use it when it is connected 
wrth the channe wh.ch uses the channel information 113 and a data unit is processed ] the 
local memory relevant to CP-RAM9, or PCE14 or CCE16. If a task 114 is completed, the 
system 10 is ready to process a data unit 

[0071] | Drawing 9 is the flow chart of the procedure of the data unit suitable for using it in the 

is performed to each data unit received by the system 10. Generally, a procedure 200 is made 

s^w™ 3 ST^T. Ct, ° n t0 6aCh data unit A Wtion inc,udes encryption, decryption, a 
wS oroc^eH T r^ Caiion - After data ""it which this function was performed and 

ex^rnThost " C ° mP,eted ' 3 SVStem 10 Cnab,es * to use the Pressed data unit for an 

host Th n /c£ Sk ^ \? ata ^™, L S reCe,Ved interfaCe Processors 13 or 15 from an external 
host The data unit .s the APDU format which was preferably explained by drawings - drawing 

IJ^^Z^rS* l W ^ i™} f ° mat fr °T ° ther formatS with an^Se^a. hSr 
or S^pi^ f + L StrCam ^ <Stream data) Which are not an APDU f ormat PTIP13 
^e s3em iS A^ui T™ tH* T**" confi *- atio " information 203 memorized by 
ob^S^JSJ^? 5 eXterna ' " OSt Chang6S data into an APDU «»™«t with a desirable 

operation gestalt before being received by the interface processor in a task 202 what prevents 

m%^z^ ne,ne < c a ?* int ° an apdu f ° rmat d ° es not ha - -Xr 

IS!! ^° nfi l f ura * ,on '"formation (Configuration information) 203 includes the specific 
can^T vT T ap . pMcation of a ^ ^r example, configuration information 203 

SoW A teskl'oT^ -"formation, and ] when PTIP13 or CTIP15 generate APDU. 

datl lt ° !T u eC6,Ve 3 data Unlt in [ rt ls desirab,e synchronous and ] asynchronous A 

data un,t ,s receivable by juxtaposition or the series-connected-type formula through thT 
luxtaposrtion or the serial port of an interface processor relatedagain. When a XtaTn^Ts 
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received in asynchronous, it notifies that an interface processor can be used in order that it 
may receive a data unit to an external host. 

[0075] In a task 204, an input interface processor reads a packet priority (namely, bit 76 of 
header D WORD 66 ( drawing 4 )), and the processing to the data unit is planned or planned. 
With a desirable operation gestalt the packet equipped with the real-time priority is first sent 
to CC11. and a non-real-time packet is sent following it It notifies that the interface processor 
is ready to process a new data unit to CC1 1 as a part of task 204. In a task 206, CC1 1 reads 
the header of a data unit. 

[0076] In a task 208, CC1 1 determines a suitable channel program and process resources, in 
order to read the field 71 to an APDU type, and the MLS tag field 75 of header D WORD 66 of a 
data unit in the field 72 for a channel index and to process this data unit CC1 1 can read the 
APDU die-length field 84 as a part of task 208 again. 

[0077] In a task 210. it is ordered CC1 1 so that a data unit may be led to the processing engine 
or FS-RISC26 like PCE14 or CCE16 to an interface processor. A processing engine is chosen 
based on the information from a task 208. The channel index field 72 of header D WORD 66 
determines an external unit in order to process to a data unit With a desirable operation 
gestalt a data unit is led to CP-RAM9. and waits for processing by PSE14 or CCE16 there. Or 
a data unit is led to the shadow memory of PCE14 or CCE16. and waits for processing by 
PCE14 or CCE16 there, respectively. 

[0078] Between tasks 210, the frame-check-sequence (frame check sequence:FCS) checker in 
CC11 investigates the integrity of the data unit between transfers. A default response is 
returned to the external host who offered the data unit when a problem occurs by FCS. The 
PDU die-length field 73 of header D WORD 66 is used by CC11 in order to allocate memory in 
POP 17. With 1 operation gestalt of this invention, a task 210 includes leading only the payload 
part of a data unit to a processing engine. 

[0079] The context to the specific channel downloads in a task 211. In a task 212, a channel 
program downloads CC1 1 in a suitable processing engine. Preferably, a program is loaded to the 
shadow memory of PCE14 or CCE16 ( drawing 1 ). 

[0080] In a task 214, the MLS tag field 75 is compared with the tag (namely, MLS key tag field 
98) in a channel table, and a large thing is guaranteed to levels-of-security extent which the 
data unit requires [ the levels of security of a program ] at least When a data unit requires big 
security nature rather than a channel provides, this data unit is not processed preferably and a 
default response is returned to an input interface processor. An interface processor can return 
this default response to the external host who offered that data unit 

[0081] In a task 216, CC1 1 installs a program from the shadow memory relevant to a suitable 
processing engine. As stated in the top, ruble's is in the shadow memory relevant to a 
processing engine until a data unit is ready to process this data unit A task 216 participates in 
install in the processing engine of the context to the channel program again. 
[0082] A processing engine [ as opposed to a specific data unit to some data units ] is FS- 
RISC26 ( drawing 1 ). In this situation, generally the application program may already have 
operated, and may follow, and the step of program install of a task 216 may not need to be 
performed. In this situation, a task 216 includes the task which notifies that CC11 is loaded to 
the memory (for example, mail box to FS-RISC26) relevant to FS-RISC [ like memory 25 ]26 
whose data unit is to KMCE12, and processing is ready. 

[0083] The command relevant to a data unit is read in a task 218. Preferably, command D 
WORD 67 ( drawing 3 ) of a data unit is read with a suitable processing engine (task 210), and is 
divided, and it opts for the function which should be performed about a data unit This 
processing engine is ready to process a data unit now. When a processing engine is PCE14 or 
CCE16, a processing engine is read from the storage location [ in / for command D WORD 67 / 
CP-RAM9 ]. When a processing engine is FS-RISC26. CC11 reads command D WORD 67 from 
the location of the data unit in memory 25. 

[0084] After a task 218 is performed, a task 220 processes a data unit When command ID field 
81 is read in a task 218, CC11 makes the function which should be performed to this data unit 
by the suitable channel program for a processing engine choose. In a task 220. the key (the unit 
or plurality) and channel relevant to the selected function are loaded to a processing engine 
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Generally, the selected function determines where the data processed again are sent For 
example, a code function can send the processed data (enciphered) to CTIP15, and, on the 
other hand, a decryption function can send the processed data (it decoded) to PTIP13. To in- 
house-data unit processing, the processed data are sent to CP-RAM9, in order to process 
further, or they can be sent to memory 25 for the further processing by FS-RISC26. 
[0085] The typical processing facility 221 includes encryption, decryption, a digital signature, 
and the Shinsei certification. Other functions including the function irrelevant to encryption can 
be performed, and the function which does not use a key is included. Between tasks 222, an 
output interface processor accumulates the processed data unit (accumulates). Preferably, 
processing of each D WORD of a data unit offers processed D WORD to an output interface 
processor. Once all processed D WORD of a data unit is accumulated by the output interface 
processor, it will be notified to an output interface processor that the data unit completed 
processing and that an interface processor has the processed perfect payload part of a data 
unit. A task 222 can include the task which can include the task which formats the data unit 
processed again for the APDU format, and adds header information like channel header D 
WORD 66. and command information like command D WORD 67 ( drawing 3 ). The step which 
CC1 1 notifies that it is that the data unit has completed processing again and the task 222 has 
become a suitable format to an output interface processor can be included. 

[0086] In a task 224, it notifies that the external host of the interface processor is ready for the 
transfer to an external host of a data unit. Preferably, an external host demands a data unit, 
when it is ready to receive the data unit by which this external host was processed. For 
example, an external host and an output interface processor can do what (engage) is 
participated in a handshake protocol, in order to transmit the processed data unit As a part of 
task 224, an output interface processor clears the memory, after the processed data unit is 
transmitted. 

[0087] In some cases, additional processing is performed to a data unit In a task 222, if the 
further processing is required from a data unit the processed data unit will be returned to 
CC1 1 from PCE14 or CCE16. CC11 plans additional processing and tasks 210-222 are 
repeated. 

[0088] as for an application program, additional processing should be performed when to a data 
unit — it is — or what should be performed can be determined. The data unit which has the 
additional processing which should be performed is formatted as APDU, and CC1 1 enables it to 
determine which processing is planned next The sequence of activation of processing of a data 
unit determines the following task which should be performed by carrying out by determining a 
channel program preferably and reading a channel number with said APDU by CC11. 
[0089] With 1 operation gestalt of this invention, the data unit in an APDU format is reformatted 
and reconfigured in front of a task 224. For example, APDU is convertible for a standard PDU 
format this reformatting, reconstruction, or conversion — an output interface processor — or 
an external host can perform. 

[0090] Therefore, a programmable code processing system is explained and this system has a 
big advantage to the known technique. The programmable code system of this invention 
especially offers the engine performance improved sharply for the function to encryption, 
decryption and the Shinsei certification of a message, other security services like a message 
signature and others, etc. The processing system of this invention can reply to the demand to 
which it increases for the security communication system of grade high again. Using a 
programmable and single ULSI design, two or more programs are supported and the processing 
system of this invention enables common actuation with the communication device of current 
and the future. 

[0091] The programmable code processing system and approach of this invention are suitable 
for processing two or more code programs to coincidence. The programmable code processing 
system and approach of this invention enable a context and quick and safe switching of a 
program (for example, algorithm) about each data unit processed. 

[0092] The programmable code system of this invention can especially support the application 
of the large range, each application — some — differing — and it can have an independent 
communication channel. Furthermore, each channel can have a different code variable and a 
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different condition. It guarantees that a right program and a function can perform architecture 
of the programmable code system of this invention by failsafe operation. 
[0093] The programmable code system of this invention supports non-cipher processing like 
[ again ] framing (framing) and signaling in a band (inch-band signaling). With a desirable 
operation gestalt it enables it to use it in the device classification of versatility [ system ] with 
this programmable and programmable code system, flexibility is added as a result and cost is 
reduced more. 

[0094] With a desirable operation gestalt, the typical processing throughput to a code function 
is in the order of 50MBPS including the thing to instantaneous activation of various programs. 
This capacity is attained by the preparation or a setup (background staging) of the background 
of the following task which offers the advantage of a throughput and especially supports 
operation of a multiple channel. 

[0095] This invention offers the system which has the architecture which enables multi- 
processing, in order to operate to coincidence. For example, high-speed code book encryption 
application can operate to coincidence with high-speed serial decryption and public key 
actuation like a digital signature. The programmable code system of this invention is classified 
so that it may rescue offering the positive solution approach to the various applications which 
reach a security high performance multi-channel walkie-talkie and a network from a security 
stock mold walkie-talkie. 

[0096] With a desirable operation gestalt, the processing system of this invention is supported 
by the superscalar architecture equipped with simultaneous-processing capacity. The deep 
(Deep) pipeline machine for task exchange of the single cycle by the scheduling of activation of 
a high clock rate, processing of the packet-ized data unit, an intelligent interface processor, and 
a background task is offered. Unifying these characteristic functions to one system gives the 
advantage on one about 10,000 times the engine performance of this to the operation which 
used the same standard commercial processor. 

[0097] One of the problems accompanying processing of two or more programs by the standard 
commercial processor of DSP is that there is loss of the big engine performance by the task 
exchange or the task swapping in a security operating system. This invention makes high-speed 
security task swapping possible in a background. Other problems accompanying a typical 
microprocessor and typical DSP are that a high— speed juxtaposition numeric value and logic 
process resources are inadequate to high-speed encryption processing. The system of this 
invention has three high-speed process resources which accelerate cipher processing, and a 
low-speed processor to the demand of a lower rate with a desirable operation gestalt 
[0098] In a typical code processing system, a key variable data tends (vulnerable) to get 
damaged, when exchanged between subsystems. The risk of this security nature is sharply 
reduced with the cipher-processing engine arranged by this invention on key management a 
controller subsystem, and a single monolithic die. It helps for the extract of the data from the 
deep submicron level in a device of operation to be very difficult and to follow, and to prevent 
loss of data even from the most skillful aggressor. With the ULSI operation gestalt of this 
invention, since this ULSI strengthens protection of such sensitive data further preferably, it 
can be covered by the protective coating which prevents probing of the front face of a die. 
[0099] It is performed by failsafe architecture in order to help to prevent loss of sensitive data, 
even when code program manipulation has the failure of hardware preferably. Typically, a fail- 
safe design brings a result which produces increase of complexity, increase of cost increase of 
power consumption, and lower dependability. However, this invention will introduce a failsafe 
technique suitably and this will produce reduction and the lower cost of the dependability which 
increased as a result and power consumption. 

[0100] With a desirable operation gestalt this invention enables the upgrade of the program in 
an end user machine again. The possibility of this continuous upgrade of a code program 
extends the useful life of a security device, and enables common use with other devices. 
[0101] With the desirable operation gestalt of this invention, code protection of the code 
program is carried out until they are loaded to a code engine. A program will be made into 
recovery impossible once a code key or a cryptographic key is removed. With a desirable 
operation gestalt the key used in order to decode program software is zero-ized (zeroed). 
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[0102] Therefore, what was shown is a programmable code processing system. A programmable 
code processor for this code processing system to process a data unit (PCP), And it is 
characterized by providing the code controller or code control section (CC) for identifying a 
channel program to each data unit based on the information included in each data unit And 
each of said data unit consists of the header field, a command field, and a payload part And a 
means for said CC to read the one header field of said data unit. A means to discriminate a 
channel program from two or more channel programs in order to process said one data unit 
based on the channel index in said header field. The means which a channel program downloads 
to the processing engine in PCP according to said channel index. And a means to expect 
processing with said processing engine and to transmit said payload part to PCP is provided. 
And said command field identifies the function which should be performed to said one data unit 
with a processing engine. The 1st memory for said PCP to memorize said one channel program 
further. The 2nd memory for memorizing said payload part in advance of processing of said 
payload part with a processing engine. In order to opt for said function, a means to load said 
channel program to a processing engine for the means for reading the command field of said 
one data unit and activation of said function is provided. 

[0103] A system is shown and it sets to this system. A data unit Furthermore, the header field. 
Consist of a command field and a payload part, and said PCP contains the 2nd memory for 
memorizing the 1st memory and two or more channel programs for memorizing said payload 
part One of said the channel programs expects one processing of said data unit between 
processings before said data unit and it downloads it in the 2nd memory of a processing engine. 

[0104] Furthermore, the system which has two or more interface processors (IP) which 
transmit the data unit which received the data unit from the external host and was processed 
to an external host is shown. It has a means to transmit between processings of one data unit 
at the 2nd thing of an interface processor, in this case, PCP depends one processed part of a 
data unit on a processing engine — this — And said 2nd interface processor has a means to 
notify an external host of said one data unit having completed processing by PCP. And said 2nd 
interface processor has a means to transmit the processed data unit to an external host in 
asynchronous, including a means by which the 1st thing of said interface processor receives a 
data unit in asynchronous from an external host 

[0105] Moreover, the system by which PCP, CC. and the 1st and 2nd interface processors are 
manufactured on a single die is shown. 

[0106] Furthermore, a system is shown. Said data unit in this case The header field. It consists 
of a command field and a payload part, and in order that PCP may attain a function to a data 
unit at least two processing engines are provided. And CC The means for reading the header 
field of one data unit a means to discriminate a channel program from two or more channel 
programs based on the channel index in this header field, A means to choose one of the 
processing engines based on this channel program. According to a channel index, a channel 
program possesses the means downloaded in the selected processing engine in PCP, and a 
means to foresee processing with the selected processing engine and to transmit said payload 
part to PCP. 

[0107] Furthermore, the system characterized with the key management code engine (Key 
Management Crypto Engine:KMCE) combined with CC is shown. And PCP possesses the code 
engine (CCE) in which a programmable code engine (PCE) and a configuration are still more 
possible in this case. And the means for choosing one of the code engines for CC processing 
each data unit based on the channel index contained in each data unit And according to a 
channel index, a means to lead each data unit to one as which the code engine was chosen is 
provided. Said selected code engine performs one of two or more of the channel programs to 
each data unit And said one channel program has a related context This context is memorized 
by external memory in an encryption format and said system has the means transmitted to the 
code engine with which said context was decrypted and said context was chosen before 
processing of one data unit 

[0108] Furthermore, the system which has a means by which CC discriminates one channel 
program from two or more channel programs to each data unit is shown. And CC has a means 
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to identify the context relevant to each channel program, in this case. And POP has a means 
for processing each of a data unit according to the identified channel program and a related 
context, and said related context is characterized by the condition (state) information and the 
key to a channel program. 

[0109] Moreover, the system for processing the data unit which has a part for a header unit, a 
command part, and a related payload part is shown. In this case, the amount of said header unit 
identifies the channel program for processing a related data unit. Said command part identifies 
the function which should be performed to the payload part of a related data unit And said 
system The programmable code processor for processing each of said data unit according to 
the channel program specified by each of said data unit (PCP) f And it is characterized by 
providing the code control section or code controller (CC) which the channel program which 
reads a part for said header unit, and is identified by said related data unit downloads in the 
processing engine in PCP. Said CC is transmitted to the memory of said processing engine, in 
order that said payload part may stand by processing by the channel program. 
[0110] Furthermore, the 1st interface processor which notifies to CC that a system is shown, 
and, as for this system, an external host to a data unit is received in asynchronous, and it can 
use for one processing of this data unit, And the part in which said one data unit was processed 
from PCP is received. It has the 2nd interface processor for transmitting in asynchronous the 
data unit which notified the external host of all the parts by which said data unit was processed 
having been received from PCP, and was processed to an external host. 

[0111] Furthermore, the system characterized by the key management code engine (KMCE) is 
shown. And said processing engine is a programmable code engine (PCE) in this case. And a 
means to choose one of the code engines for processing one data unit based on the channel 
index from which PCP possessed the code engine (CCE) which can further be constituted, and 
CC was discriminated by the data unit, And a means to lead said one data unit to the code 
engine chosen according to the channel index is provided. Said selected code engine performs a 
channel program to said one data unit. And said code engine, said CC, and said 1 st and 2nd 
interface processors are manufactured on a single die. Said channel program has a related 
context and this context is memorized in the format enciphered by external memory. And said 
system has the means transmitted to the code engine chosen before it decrypted the context 
and this context processed one data unit. 

[01 12] The method of processing the data unit in the processing system which has two or more 
processing engines is shown. Furthermore, this approach The phase of discriminating one 
channel program from two or more channel programs based on the information in the 1 st thing 
of a data unit, The phase of discriminating one processing engine from said two or more 
processing engines in order to process said 1st data unit. The phase of leading said 1st data 
unit to the memory relevant to said identified processing engine, The phase which loads said 
identified channel program to the identified processing engine, And it is characterized by 
providing the phase of processing said 1st data unit in said identified processing engine using 
said identified channel program. And the phase of identifying said channel includes the phase of 
identifying the context relevant to said channel further. The phase of said context being 
memorized by memory and performing said processing uses the context to which said identified 
channel program relates including the phase of processing of the 1st data unit by said identified 
channel program. 

[0113] The phase where one more approach is shown and this approach identifies a channel 
program, It is characterized by providing the phase of identifying a processing engine, and the 
phase which repeats the phase of performing routing and loading between activation of the 
phase of processing the 1st data unit, for the 2nd data unit. The phase of identifying said 
repeated channel program identifies the 2nd channel program for the 2nd data unit Said 
identified processing engine is the 1st processing engine. Said approach and further The phase 
of identifying the 2nd processing engine in order to process the 3rd thing of a data unit The 
phase of identifying the 3rd channel program for said 3rd data unit The phase of leading said 
3rd data unit to the memory relevant to said 2nd processing engine, The phase which loads said 
3rd channel program to the 2nd processing engine, And it is characterized by providing the 
phase of processing said 3rd data unit in the 2nd processing engine using said 3rd channel 
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program. The phase of processing said 3rd data unit is performed on the phase and coincidence 
target which process said 1st data unit with said 1st processing engine. 
[01 14] One more approach is shown. Said data unit in this case The header field. The phase 
where consist of a command field and a pay load part, and this approach reads the header field 
of a data unit further, The phase of discriminating a channel program from two or more channel 
programs in order to process said data unit based on the channel index in said header field, The 
phase which chooses a processing engine based on said channel program, the phase 
downloaded in the processing engine which had the channel program chosen according to said 
channel index, The phase of expecting processing with said processing engine and transmitting 
a payload part to the memory location relevant to said processing engine. It is characterized by 
providing the phase of receiving a data unit in asynchronous from an external host, and the 
phase of transmitting the processed data unit to an external host in asynchronous. 
[0115] The method of performing the code function in the programmable code processing 
system which has two or more processing units to coincidence is shown. Furthermore, this 
approach The phase of receiving the 1st data unit which consists of the 1st header field, 
command ID field, and payload part. The phase which chooses one of the processing units in 
order to perform one of the code functions to the 1st data unit based on the 1st header field. It 
is characterized by providing the phase led to one processing unit which had the 1st data unit 
chosen, and the phase where one selected processing unit performs one as which the code 
function was chosen to the payload part based on the information in a command ID field. 
[01 16] Moreover, while performing said running phase, the approach of forming the data unit by 
which the 1st was processed in the interface processor is shown, and this approach includes 
the phase of which an external host is notified, when said data unit by which the 1st was 
processed is formed in this case. Moreover, one approach is shown and said routing phase 
includes the phase led to the memory relevant to one processing unit which had said 1st data 
unit chosen in this approach. 

[0117] Furthermore, one approach is shown, and this approach includes the phase which 
chooses one of the code functions, the phase which chooses one of the processing units, and 
said phase to draw about the 2nd data unit, while performing said running phase to said 1st data 
unit 

[0118] Moreover, one approach is shown, and the phase which chooses said one processing unit 
in this case possesses the phase which chooses available one out of said two or more 
processing units in order to attain one of said the code functions further. 

[01 1 9] Furthermore, one approach is shown, and the phase of attaining said one code function 
in this approach includes the phase which uses this key. in order to attain the phase which 
loads the key relevant to said one code function, and a code function. 

[0120] The phase where one more approach is shown and this approach chooses one of said 
the code functions further, It is characterized by providing the phase which repeats the phase 
of performing one as which the code function was chosen for the phase which chooses one of 
said the processing units, said phase to draw, and the 2nd data unit Said 2nd data unit is a data 
unit following the 1st data unit in the data unit by which a single string was received, and said 
1 st and 2nd data units are received in asynchronous from an external host 
[0121] Moreover, one approach is shown, it is characterized by this approach possessing the 
phase which denies further two or more channel programs, and each channel program relates to 
the code function and the key. 

[0122] One approach is shown and it is characterized by this approach possessing a re- 
convention or the phase to redefine for further two or more channels. As for the header field of 
each data unit each channel identifies one of two or more of the channel programs in relation 
to the combination of a code function and a code key. And said phase to perform includes the 
phase of performing one of the code functions by the code key to one channel program about 
each data unit And said code function possesses an encryption function, and said receiving 
phase includes the phase where the plaintext (plain-text) programmable interface of a system 
receives the 1st data unit by the plaintext Said selection stage story includes the phase which 
chooses one of the code functions relevant to said channel program. And the phase of 
performing said one code function is memorized by the system, and includes the phase of the 
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1st data unit which enciphers a payload part at least using the cryptographic key relevant to a 
channel program. And said code function possesses a decryption function, and said receiving 
phase includes the phase where the cipher (cipher-text) programmable interface of a system 
receives said 1st data unit by the cipher. Said phase to choose includes the phase which 
chooses one code function relevant to a channel program. And the phase of performing said 
code function is memonzed by the system, and contains the step of the 1st data unit which 
decrypts a payload part at least using the code key and the selected code function relevant to 
a channel program. 

[0123] One more approach is shown and a code function includes a digital signature function in 
this case. And said receiving phase includes the phase of receiving the 1st data unit in the 
programmable interface of a system. Said selection stage story includes the phase which 
chooses the code function relevant to a channel program. And the phase of performing a code 
function includes the phase of signing said 1st data unit in digital one at least using the code 
key memorized by the system relevant to the selected code function and the selected channel 
program. 

[0124] One more approach is shown and said code function includes the Shinsei certification 
function in this case. And said receiving phase includes the phase of receiving the 1st data unit 
in the programmable interface of a system. Said phase to choose includes the phase which 
chooses the code function relevant to a channel program. And the phase of performing said 
code function includes the phase which carries out Shinsei certification of said 1st data unit 
using the code key memorized in the system relevant to the selected code function and the 
selected channel. 

[0125] One approach is shown further again and said header field includes the field which 
identifies the levels of security of the data unit relevant to the 1st data unit in this case. And 
said 1st data unit identifies the 1st channel program. The 1st channel program has the related 
program evels of security. And including a phase [ levels of security / of said data unit / the 
program levels of security / approach / said ], the phase of performing said code function is 
performed, when said program levels of security are the magnitude same at least as said data 
unit levels of security. 

[0126] The method of furthermore processing a data unit is shown. This approach The phase of 
reading the 1st channel information in the 1st data unit, the phase of processing the 1st data 
unit according to the 1st channel program identified using the 1st channel information. The 
phase of readmg the 2nd channel information in the 2nd data unit, the phase of processing the 
2nd data unit according to the 2nd channel program identified using the 2nd channel 
.nformation. The phase which downloads the 1st channel program in a processing engine 
according to the phase of reading the 1st channel information. And it is characterized by 
providing the phase which answers the phase of reading said 2nd channel information, and 
downloads said 2nd channel program in a processing engine. The phase which downloads said 
2nd channel program is performed between activation of the phase of processing the 1st data 
unit. 

[0127] Furthermore, other approaches are shown, it is characterized by this approach 
possessing the phase which loads the context relevant to the 2nd channel program to the 
memory relevant to a processing engine further, and the phase which loads this context is 
rmooi between activation of the phase of processing the 1st data unit 
L0128J One more approach is shown and a processing engine is one of two or more of the 
processing engines of a code processing system by this approach. The phase of identifying one 
of said the processing engines based on the information by which said approach is further 
included in the 1 st data unit. And it is characterized by providing the phase of leading said 1 st 

^ ^ Z ° nC ° m ° h Said P rocessi "g ens'"* was discriminated. The phase of processing 
said 1st data unit possesses the phase of processing the 1st data unit by one from which said 
processing engine was discriminated. And the phase which downloads said 1st channel program 
possesses the phase which downloads the 1st channel program in one identified processing 
engine. to 

[0129] One more approach is shown. In this case Said reading phase, a processing phase. A 
download phase and a load phase are performed by the programmable code processing system. 
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Said context is memorized by the memory location of the exterior of a system. And the phase 
of decrypting said context in front of the phase where said approach loads said context further, 
the phase of reading the 3rd channel information in the 3rd data unit — this — the phase of 
identifying the 2nd thing of the processing engines based on the information included in the 3rd 
data unit — The phase of leading the 3rd data unit to the 2nd thing of said processing engines, 
and the phase of processing the 3rd data unit in the 2nd processing engine according to the 3rd 
channel program identified using said 3rd channel information are provided. 
[0130] The phase of one more approach being shown and reading said 3rd channel information 
in this case, the phase of identifying the 2nd thing of a processing engine, and the phase of 
drawing the 3rd data unit are performed on the phase and coincidence target which process 
said 1 st data unit 

[0131] When the comprehensive property of this invention is indicated completely and other 
things apply current knowledge by this, the explanation about the above specific operation 
gestalt Such a specific operation gestalt can be changed easily, it can be made to apply to 
various applications, without separating from a comprehensive concept, therefore such 
application and modification should be considered to be contained within semantics and limits 
equivalent to the indicated operation gestalt 

[0132] The usage or nomenclature used here is a thing for explanation, and it should be 
understood that it is not restrictive. Therefore, it replaces and this invention has the intention 
of such a thing including modification, an equivalent and deformation of all that are contained 
within the pneuma of an attached claim, and large limits. 
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* NOTICES * 

Japan Patent Office is not responsible for any 
damages caused by the use of this translation. 

LThis document has been translated by computer. So the translation may not reflect the 
original precisely. 

2.**** shows the word which can not be translated. 
3.1n the drawings, any words are not translated. 
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[Brief Description of the Drawings] 

[Drawing 1] It is the hardware block diagram showing the programmable code processing system 
concerning the desirable operation gestalt of this invention. 

[Drawing 2] It is the explanatory view showing processing of the data unit concerning the 
desirable operation gestalt of this invention. 

[Drawing 3] It is the format Fig. showing the data unit suitable for using it with the desirable 
operation gestalt of this invention. 

[Drawing 4] It is the format Fig. showing the channel header suitable for using it in the desirable 
operation gestalt of this invention. 

[Drawing 5] It is the format Fig. showing the command D WORD suitable for using it in the 
desirable operation gestalt of this invention. 

[Drawing 6] It is the explanatory view showing the channel discernment table suitable for using 
it in the desirable operation gestalt of this invention. 

[Drawing 7j It is the explanatory view showing an example of the program address table suitable 
for using it in the desirable operation gestalt of this invention. 

[Drawing 8] It is the flow chart which shows the setup and configuration procedure suitable for 
using it in the desirable operation gestalt of this invention. 

[Drawing 9] It is the flow chart which shows the procedure of the data unit suitable for using it 
in the desirable operation gestalt of this invention. 
[Description of Notations] 
10 Code Processing System 

12 Key Management Code Engine (KMCE) 

13 Plaintext Interface Processor (PTIP) 

14 Programmable Code Engine (PCE) 

16 Code Engine Which Can be Constituted (CCE) 

17 Programmable Code Processor (PCP) 

18 Shared Memory 

1 9 Code Control Section 

20 Test Interface 

21 Programmable Interface 

22 ModN Solution Extractor (NSE) 

24 Code Processor RAM 

25 Internal Memory 

26 Failsafe Reduced Instruction-set Computer (FS-RISC) 
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□ SKEWED/SLANTED IMAGES 

□ COLOR OR BLACK AND WHITE PHOTOGRAPHS 

□ GRAY SCALE DOCUMENTS 



□ REFERENCED) OR EXHIBIT(S) SUBMITTED ARE POOR QUALITY 

□ OTHER: - 

IMAGES ARE BEST AVAILABLE COPY. 
As rescanning these documents will not correct the image 
problems checked, please do not report these problems to 
the IFW Image Problem Mailbox. 



BEST AVAILABLE IMAGES 




LINES OR MARKS ON ORIGINAL DOCUMENT 



